A brief history of DeFi hacks

The Chainalysis 2023 Crime Report paints a concerning picture of the current threat landscape, with a significant increase in hackers' focus on DeFi-related protocols. The report reveals that a staggering 82.1% of all cryptocurrencies stolen by hackers last year, amounting to a staggering $3.1 billion, came from DeFi protocols—a significant jump from 73.3% in 2021.

How did DeFi become the target?

Most DeFi apps make their code readily available online, enabling users and partners to scrutinize it for security and reliability. This transparency not only builds trust but also fosters a remarkable level of composability, allowing different protocols to seamlessly integrate and interact with one another.

However, this very transparency, which is a core strength of DeFi, can also be its Achilles' heel. By exposing the code, potential vulnerabilities are laid bare, providing an opportunity for malicious actors to identify and exploit weaknesses within the system.

How do hackers exploit DeFi protocols?

Oracle manipulation

One avenue for hackers involves manipulating the oracle smart contract, which DeFi protocols rely on to gather external data. By tampering with the oracle, attackers can distort token price information, leading to malicious outcomes.

Smart contract logic errors

The rush to bring DeFi protocols to the market quickly can result in oversight by developers, causing trivial vulnerabilities and errors to go unnoticed. Given the open-source nature of DeFi protocol code, attackers can analyze smart contract code, identify glitches, and exploit them to their advantage.

Reentrancy attacks

These attacks occur when a smart contract calls an external contract that is untrusted without properly resolving it, creating an opportunity for attackers to exploit vulnerabilities and gain unauthorized access.

How big are DeFi’s biggest hacks?

Among the hundreds of hacks that have taken place throughout DeFi's relatively brief existence, these three take the gold, silver, and bronze medals for their massive scale.

Ronin Network: $625 million

In March 2022, the DeFi landscape witnessed the largest hack in history. The Ronin Network serves as a bridge between the Ethereum blockchain and Axie Infinity, facilitating seamless transfers of ETH for players. 

However, attackers found a way to compromise the Ronin Bridge, enabling them to forge fake withdrawals and gain unauthorized access to five validators. In just two transactions, the hacker managed to steal 173,600 ETH and 25.5 million USDC. 

The magnitude of this hack exposed vulnerabilities within DeFi network security and highlighted the need for enhanced measures. It took six days for the stolen funds to be detected, and Binance was able to recover $5.8 million of the stolen $625 million a month later.

Nomad Bridge: $190 million

In August 2022, the Nomad Bridge attack became one of the first instances where multiple hackers replicated the same exploit, spanning 1175 transactions.

Nomad Bridge, which facilitates token swaps across various blockchains like Ethereum, Moonbeam, Avalanche, and Evmos, became a target due to the substantial value of assets it held and the intricate nature of the underlying smart contract code. 

The vulnerability that facilitated this hack was attributed to a flaw in the code of Nomad, which allowed the attackers to withdraw more assets than they had initially deposited. 

In an unexpected turn of events, the Nomad team publicly requested the return of the stolen funds, leading white hat hackers to return approximately $30 million.

Wintermute: $160 million

Wintermute provides liquidity on over 50 exchanges and trading platforms. In September 2022, a vulnerability stemmed from the protocol's use of vanity wallet addresses, which could be recreated by hackers. 

Exploiting this weakness, the attackers gained access to Wintermute's DeFi vault and hot wallet contract, allowing them to abscond with the assets inside.

While attempting to mitigate the hack, Wintermute emptied its hot wallet, but overlooked removing the admin address from the vault. 

How does Haven1 protect users from these risks?

Haven1 is a purpose-built Layer 1 blockchain incubated by Yield App. Upon launch in 2024, Haven1 will set a new standard for on-chain security and compliance, enable greater accountability, and reduce the risk of malicious activities. How?

• An innovative provable identity framework requires users to verify their identity to execute transactions on the blockchain. Each transaction is cross-checked by validators against anonymized user data for compliance with sanctions and regulatory restrictions.
• One of the primary obstacles faced by cross-chain network implementations is the reliance on automated bridging solutions. These solutions often employ experimental code to expedite settlements, but they also expose users to the risk of capital losses resulting from smart contract failures and exploits.
• Haven1 tackles this challenge head-on by partnering with established and reputable entities. Through these partnerships, Haven1 ensures that every asset on its platform maintains a 1:1 backing with the corresponding underlying asset, guaranteeing continuous redeemability. This empowers users to store their assets securely and transparently in cold storage on Haven1, providing an additional layer of protection against hacks and other malicious exploits.
• To further enhance security, Haven1 implements a 24–48-hour withdrawal waiting period. This enables network validators to identify and address potential instances of malicious behavior, bolstering the overall security of the ecosystem.

Stay ahead of DeFi history, explore the Haven1 litepaper.