dYdX founder Antonio Juliano said they’re working to find the original culprit behind the exploit, and they’d rather pay community members who help in the investigation than the exploiter.
Decentralized finance (DeFi) protocol dYdX founder Antonio Juliano took to X (formerly Twitter) to share some of the findings of the investigation into the loss of $9 million in insurance funds, in what many suspected was an exit scam that took place on Nov. 17.
Juliano noted that the actual dYdX chain wasn’t compromised, and the insurance claims of $9 million took place on the v3 chain. The v3 insurance fund was used to fill gaps in liquidation processes in the YFI market.
The protocol co-founder also stressed that dYdX has no plans to negotiate with the exploiters behind the attack and will instead pay bounties to those most helpful in aiding the investigation:
“We will not pay bounties to, or negotiate with the attacker. We and others have made significant progress into identifying the attacker. We are in the process of reporting the information we have to the FBI.”
Juliano added that the v3 chain that was exploited has central components that could be one of the potential causes behind the compromise. The security incident caused the Yearn.finance token to drop by 43% on Nov. 17. The sudden price crash raised concerns within the crypto community about a possible exit scam.
To be very clear: the recent insurance fund incident on dYdX was on v3 and not the dYdX Chain
v3 has central components, dYdX Chain does not. We help to operate v3, we do not help to operate dYdX Chain. This is important to understand why we have taken the actions we have
— Antonio | dYdX (@AntonioMJuliano) November 20, 2023
The exploit on Nov. 17 targeted long positions in YFI tokens on the exchange, liquidating positions worth nearly $38 million. This was one of the key catalysts behind the price drop of the YFI token. The trade-in question wiped out over $300 million in market capitalization from the YFI token, further fueling the insider job theory.
Security breaches in DeFi are nothing new. However, this incident is different because dYdX is focused on finding the culprit using the community rather than paying a direct bounty to the exploiters.
Magazine: Beyond crypto — Zero-knowledge proofs show potential from voting to finance