In the upcoming digest piece, we’ll go over more specifics and gradually increase the capabilities of our Pessimistic Spotter on-chain monitoring & defense service!
Photo by David Cenciotti + Photomosh | Kopp–Etchells effect Explained | Another Explanation
So today, in the following digest piece, we’ll talk about the most recent news, how it affects (and will affect) industry and our Spotter project, and, of course, we’ll explain our Pessimistic Spotter on-chain monitoring & defense service functionality in a more detailed way!
According to the questions, the audience has several points that need to be discussed further. That’s exactly what we’ll do next!
Follow:
-
spotter.pessimistic.io — Sign-up!
-
pessimistic_spotter_public — Spotter Public Alerts Channel (Telegram)
-
blog.pessimistic.io — Follow our blog!
Check out:
https://blog.pessimistic.io/spotter-digest-4-9dd72c75d32f
https://blog.pessimistic.io/spotter-digest-3-ad8c5c09210b
https://blog.pessimistic.io/spotter-digest-2-5e4efb2c0340
https://blog.pessimistic.io/spotter-digest-1-2f01afca88e0
Yearn Security Incident: 13.04.2023
The system successfully operated and took action very quickly (it recognized an attack and thus performed the first step — detection), demonstrating once more that it is possible to then pause contracts, launch counterattacks, and take other actions when connecting the experimental part of the Spotter to the supported project…
It is important to note — AAVE was not hacked, this incident only affected Yearn. To understand the details — read about Flash Loan attacks here and here!
To put it another way, our system operates in an experimental mode, and the test indicated that we (as well as the Yearn team!) would have sufficient time (15 minutes ❗️) to respond:
There were at least three different approaches that we actually could take in order to counteract this attack, presuming that it would occur to the supported protocol in the same manner that it occurred to AAVE & Yearn (attacker used a public pool):
-
Сounter-attack hacker via MEV bots (since this exact attack was performed on a public pool) land then return the money to the project.
-
Put the contract on hold (pause) through the integration with the project (keep in mind — in this exact case, Yearn/AAVE were not our customers/supported projects). Check out this article to know more about operational changes in live contracts.
-
And finally, to slow down the attack through the connection with the validators and offer the hacker a bounty beforehand (read more about it here).
It is important to mention that currently our system does not counter-attack (and currently does monitoring only) as we first need to sign a contract with the protocol!
https://library.dedaub.com/ethereum/address/0x8102ae88c617deb2a5471cac90418da4ccd0579e/overview
Btw, a “fun” fact of the happened exploit is that any AAVE USDT debt on v1 got repaid:
Nevertheless, we have confirmed the theoretical possibility of active protection and will continue our research in this direction!
Here is the technology that I described in 2020, and it is similar to the implementation of roughly the same web2-origin thing but in blockchain. This is exactly the idea we want to convey — there are already working bundles, you just need to properly adapt them to the data-layer.
There are more specific things in our distant plans: for example, if the Health Factor of the certain collateral changes (for lending protocols — examples), or if the protocol you are using is hacked (that’s a custom thing), it can alert the active protection system located either on your own or on our server (and built under our control), which will then make an emergency withdrawal and save your position/assets.
Attack TLDR:
-
In-Depth Explanation — by SlowMist
-
The Root Cause Analysis — by PeckShield
-
Stolen Funds Flow — by MetaSleuth
https://decrypt.co/126194/older-versions-of-aave-yearn-finance-exploited-11-6m
Simultaneously, we intend to make it the most convenient for both projects & average users and will adhere to this paradigm!
Pessimistic News
Some news from our ‘‘parent’’ auditing company that we think is important enough to mention!
-
Several security audits have been successfully performed! By the way, here are some vacant slots so if your project needs an audit — feel free to write to us, visit our public reports page here!
-
We are currently doing some research — including exploring new tools, researches, methods and their possible use in our Spotter project, for example: ERC4626 security tips, governance counter-attacks, and, of course, new MEV bots (especially — MEV bots security) with several back-running techniques. We will continue our research work in this direction in the future!
-
This month, we completed another successful study, check it out:
https://officercia.mirror.xyz/TU9__AcmdWlGuXfN8FQlKvh42gs6V1VbS7vOt0iz3kA
-
spotter.pessimistic.io — Sign-up!
-
pessimistic_spotter_public — Spotter Public Alerts Channel (Telegram)
-
blog.pessimistic.io — Follow our blog!
-
twitter.com/sadspotter — Follow us on Twitter!
We also hope for your support because we think this market is crucial, first and foremost for the overall security of our industry! You can subscribe to our blog to make sure you don’t miss any of the regular news and updates we plan to publish on the project in a special digest!
In the following articles we will gradually expand the functionality of our service and provide an opportunity to test it on your system. We’ll let you know the release date soon, stay tuned! 🙂
Photo by David Cenciotti + Photomosh | Kopp–Etchells effect Explained | Another Explanation
Thank you very much for your attention!
Support is very important to me, with it I can do what I love — educating users!
If you want to support my work, please consider donating me to the address:
https://github.com/OffcierCia/support
-
0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A or officercia.eth — ETH, BSC, Polygon, Optimism, Zk, Fantom, etc
-
4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — Monero XMR