Network And Token Freeze After Acala Exploit Raises Questions
The Acala hack saw over one billion USD stablecoins minted from thin air.
nevertheless, community members are scratching their heads wondering how a decentralized protocol would handle the clean-up.
The Acala Network’s USD stablecoin depegged by over 99% over the weekend.
The Situation forced the Acala team to pause a hacker’s wallet, raising concerns about its claim of being decentralized.
Hacker Exploited Acala’s Network Loophole
On Sunday, a hacker took advantage of a bug on the BTC/USD liquidity pool which resulted in 1.2 billion USD being minted without collateral.
This event crashed the United States dollar-pegged stablecoin to a cent.
Instantaneously, the Acala team froze the erroneously minted tokens by placing the network in maintenance mode.
The move also halted other features such as swaps, xcm and the oracle pallet price feeds until further notice.
proponents of decentralization have cried foul, even though the network was set into maintenance mode.
Ideally freezing funds in the hacker’s wallet was aimed to protect users of the network from any further harm.
Acala is a cross-chain decentralized finance (DeFi) hub that issues the USD stablecoin based on the Polkadot blockchain.
USD is a crypto-backed stablecoin that Acala claims are censorship-resistant.
BTC is a form of Wrapped Bitcoin (wBTC), which can be used in Defi protocols.
Community members have noted the irony of Acala’s claims about aUSD’s censorship resistance since the protocol froze funds so swiftly.
Second Of Acala’s Exploit
The Acala exploit is the second major one in a week as Curve Finance experienced an attack on its front end on Aug. 9, which directed users to approve a malicious contract.
Acala’s problem differs from Curve’s, as the latter’s pools were not compromised. Users who directly interacted with its smart contracts experienced no issues.
USD is the latest stablecoin to lose its peg in the past few months.
Igniting notoriously with TerraUSD (UST) in May, which has since been renamed TerraUSD Classic (USTC).
Other notable dependencies include Tether (USDT) and Dei (DEI).
As of this moment, the network was still in maintenance mode to block all token transfers, but the team confirmed that the bug had been fixed.
The wallets that received erroneously minted USD have been identified.
However, 99% of that account were still on Acala which leaves the possibility that they may be retrieved by the community if it votes to do so.