The decentralized finance (DeFi) sector continues to attract increased attention from cryptocurrency investors. Cryplogger has collected the most important events and news of recent weeks in a digest.
The main indicators of the DeFi segment
The volume of funds blocked (TVL) in DeFi protocols increased to $49.15 billion. The leader was Lido with $12.19 billion, while MakerDAO ($7.36 billion) and AAVE ($5.4 billion) hold the second and third lines of the rating, respectively. .
TVL in Ethereum Apps Falls to $28.71 Billion Decentralized Exchange (DEX) Trading Volume Over Last 30 Days made up $70.1 billion
Uniswap continues to dominate the non-custodial exchange market, accounting for 60.6% of total turnover. The second DEX in terms of trading volume is PancakeSwap (17.9%), the third is SushiSwap (9.4%).
Uniswap Unveils Solutions to Reduce Protocol Overhead
The Uniswap decentralized exchange team has created a new Permit2 approval mechanism that allows smart contracts to move tokens on behalf of users.
According to the developers, sometimes there are situations in which several transfers are required, and therefore gas payments, which leads to “user frustration and potential security risks.”
Permit2 allows network members to set their own permissions and approve the transfer of tokens with a single signature, and also significantly reduces fees.
Uniswap has created a so-called “universal router” for token and NFT exchanges.
“The routers are optimized to find the lowest prices and complete deals with the lowest gas costs. […] With the help of the new smart contract, users will be able to perform multiple exchanges on Uniswap V2 and V3 and buy NFTs on various marketplaces in a single transaction.
Both technologies are interconnected. Thus, the user passes the permission from Permit2 directly to the router, which does not require additional calculations.
Curve Finance launches crvUSD stablecoin on Ethereum mainnet
The developers of the Curve Finance decentralized exchange have deployed smart contracts for the crvUSD decentralized stablecoin on the Ethereum mainnet.
The USD-pegged stablecoin will use an over-collateralized model similar to DAI from the MakerDAO project.
The stablecoin is built on the Lending-Liquidating AMM algorithm, which continuously liquidates and automatically deposits collateral to manage risk and maintain parity with the US national currency.
DeFi protocol 0VIX hacked for $2 million
The attacker withdrew more than $2 million worth of digital assets from the 0VIX DeFi protocol, allegedly as a result of a flash loan attack.
According to on-chain data, the hacker’s prey was:
- ~1.45 million USDC;
- ~0.58 million USDT;
- ~9566 Aavegotchi tokens (GHST).
An unknown person transferred assets from the Polygon network to Ethereum via the Stargate Finance cross-chain bridge and converted them into ETH.
The 0VIX team confirmed the incident without details and suspended the markets on Polygon and zkEVM. The latter were not affected by the attack and the actions became a precautionary measure.
According to the developers, the attack vector is associated with GHST.
“The main cause of the exploit was a vulnerable GHST oracle, which allowed the attacker to manipulate the price,” Hacken experts confirmed their conclusions.
DEX Merlin based on zkSync Era hacked for $1.82 million
Merlin, a decentralized exchange based on zkSync Era, lost approximately $1.82 million in assets in an alleged exploit immediately after the CertiK audit.
The developers of the exchange announced an investigation into a possible hack and recommended that users withdraw approvals for all smart contracts.
The incident occurred immediately after the launch of the platform’s main income farming pools. On April 24, CertiK completed a security re-audit of the Merlin codebase.
The latter said that the preliminary investigation pointed to a potential problem with private key management as the main reason for the unauthorized withdrawal of funds, and not an exploit.
The eZKalibur DEX team allegedly identified malware in the Merlin software that allowed the assets to be stolen. Exchanges use smart contract code similar to Camelot, another decentralized platform in the zkSync Era network.
Unlike competitors, two lines have been added to the Merlin contract implementation function, which make it possible to withdraw an unlimited number of tokens to your own address.
Also on Cryplogger:
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!
The decentralized finance (DeFi) sector continues to attract increased attention from cryptocurrency investors. Cryplogger has collected the most important events and news of recent weeks in a digest.
The main indicators of the DeFi segment
The volume of funds blocked (TVL) in DeFi protocols increased to $49.15 billion. The leader was Lido with $12.19 billion, while MakerDAO ($7.36 billion) and AAVE ($5.4 billion) hold the second and third lines of the rating, respectively. .
TVL in Ethereum Apps Falls to $28.71 Billion Decentralized Exchange (DEX) Trading Volume Over Last 30 Days made up $70.1 billion
Uniswap continues to dominate the non-custodial exchange market, accounting for 60.6% of total turnover. The second DEX in terms of trading volume is PancakeSwap (17.9%), the third is SushiSwap (9.4%).
Uniswap Unveils Solutions to Reduce Protocol Overhead
The Uniswap decentralized exchange team has created a new Permit2 approval mechanism that allows smart contracts to move tokens on behalf of users.
According to the developers, sometimes there are situations in which several transfers are required, and therefore gas payments, which leads to “user frustration and potential security risks.”
Permit2 allows network members to set their own permissions and approve the transfer of tokens with a single signature, and also significantly reduces fees.
Uniswap has created a so-called “universal router” for token and NFT exchanges.
“The routers are optimized to find the lowest prices and complete deals with the lowest gas costs. […] With the help of the new smart contract, users will be able to perform multiple exchanges on Uniswap V2 and V3 and buy NFTs on various marketplaces in a single transaction.
Both technologies are interconnected. Thus, the user passes the permission from Permit2 directly to the router, which does not require additional calculations.
Curve Finance launches crvUSD stablecoin on Ethereum mainnet
The developers of the Curve Finance decentralized exchange have deployed smart contracts for the crvUSD decentralized stablecoin on the Ethereum mainnet.
The USD-pegged stablecoin will use an over-collateralized model similar to DAI from the MakerDAO project.
The stablecoin is built on the Lending-Liquidating AMM algorithm, which continuously liquidates and automatically deposits collateral to manage risk and maintain parity with the US national currency.
DeFi protocol 0VIX hacked for $2 million
The attacker withdrew more than $2 million worth of digital assets from the 0VIX DeFi protocol, allegedly as a result of a flash loan attack.
According to on-chain data, the hacker’s prey was:
- ~1.45 million USDC;
- ~0.58 million USDT;
- ~9566 Aavegotchi tokens (GHST).
An unknown person transferred assets from the Polygon network to Ethereum via the Stargate Finance cross-chain bridge and converted them into ETH.
The 0VIX team confirmed the incident without details and suspended the markets on Polygon and zkEVM. The latter were not affected by the attack and the actions became a precautionary measure.
According to the developers, the attack vector is associated with GHST.
“The main cause of the exploit was a vulnerable GHST oracle, which allowed the attacker to manipulate the price,” Hacken experts confirmed their conclusions.
DEX Merlin based on zkSync Era hacked for $1.82 million
Merlin, a decentralized exchange based on zkSync Era, lost approximately $1.82 million in assets in an alleged exploit immediately after the CertiK audit.
The developers of the exchange announced an investigation into a possible hack and recommended that users withdraw approvals for all smart contracts.
The incident occurred immediately after the launch of the platform’s main income farming pools. On April 24, CertiK completed a security re-audit of the Merlin codebase.
The latter said that the preliminary investigation pointed to a potential problem with private key management as the main reason for the unauthorized withdrawal of funds, and not an exploit.
The eZKalibur DEX team allegedly identified malware in the Merlin software that allowed the assets to be stolen. Exchanges use smart contract code similar to Camelot, another decentralized platform in the zkSync Era network.
Unlike competitors, two lines have been added to the Merlin contract implementation function, which make it possible to withdraw an unlimited number of tokens to your own address.
Also on Cryplogger:
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!
