Allgemein

Sentiment Protocol Hacked: $500K – $1M Lost in Re-Entrancy Attack

Veröffentlicht

• Sentiment Protocol was hacked via a re-entrancy attack
• The team paused the main contract and employed third-party security auditors to fix the vulnerability
• Around $500,000 to $1 million of funds were stolen from the platform.

Hack on Sentiment Protocol

An attack targeting the DeFi lending platform, Sentiment Protocol, has been identified as a re-entrancy attack. On April 4, the Sentiment team made a statement that they had likely been hacked and were looking into the matter. The team had paused the main contract and employed third-party security auditors in order to mitigate any further losses.

Vulnerability

The blockchain records revealed a re-entrancy hack which happened when an external contract repeatedly targeted a compromised Sentiment contract before its status could be updated. Another developer suggested that the hacker specifically called a self-destruct function within a Sentiment smart contract. It is estimated that around $500,000 to $1 million of funds were stolen from the platform via Arbitrum blockchain on which it operates.

Attempted Fund Recovery

Sentiment is working closely with law enforcement and close contributors to pinpoint the hacker’s identity, with their main objective being to recover user funds. A message was addressed to the hacker offering a 10% bounty in exchange for returning rest of funds. However, no further details have been divulged by the team regarding this hack.

Similar Hacks on DeFi Platforms

This is not an isolated incident as similar hacks have targeted other DeFi platforms in recent times – most notably Euler Finance where around $200 million worth of assets were lost but later recovered through negotiations with exploiter (worth around $31 million). This illustrates how vulnerable these protocols are and how important it is for them to stay vigilant about security threats at all times.

Conclusion

It remains unclear if any part of user funds will be retrieved from this particular hack or not but it underscores what every other DeFi platform needs to take away from this incident: prioritize security more stringently than ever before!