Compound Crashes Leads To Users Getting ETH Locked For 7 Days

Market-leading lending protocol DeFi, Compound Finance, has just launched a proposal to upgrade its Chainlink price index. However, this code has an error and leads to some unnecessary problems.
Compound Crashes Leads To Users Getting ETH Locked For 7 Days
Compound Crashes Leads To Users Getting ETH Locked For 7 Days 3

This code makes it impossible for users who are lending or borrowing cETH (Compound ETH) to roll back their transactions. This means that users cannot borrow or withdraw collateral. Because of the above incident, users need to load in other types of assets to avoid liquidating existing loan positions.

According to an update from Security Solutions Architect Michael Lewellen of OpenZeppelin, the code bug came from the “getUnderlyingPrice” function, which did not update the price of cETH tokens, would return empty bytes and cause the call to be reverted.

“The primary issue right now is a temporary denial of service for the cETH market which will be resolved by the new governance proposal. No funds are at risk at this time. The rest of the cToken markets on Compound V2 and all of V3 remain functional,” Lewellen said.

Compound Crashes Leads To Users Getting ETH Locked For 7 Days
Compound Crashes Leads To Users Getting ETH Locked For 7 Days 4

The above error code caused the front end of Compound to stop working temporarily. Very soon, around 8 pm UTC on August 30, the protocol relaunched the front end normally. Compound founder Robert Leshner said on Discord:

“No funds seem immediately at risk. It will likely be seven days until cETH is functioning normally. There will potentially be more governance proposals to rectify the situation.”

Compound Labs reported that the coding flaw occurred despite the Oracle contract being reviewed by three independent smart contract auditing businesses, including OpenZeppelin and ChainSecurity, among the most recent firms to evaluate smart contracts.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News

Compound Crashes Leads To Users Getting ETH Locked For 7 Days

Market-leading lending protocol DeFi, Compound Finance, has just launched a proposal to upgrade its Chainlink price index. However, this code has an error and leads to some unnecessary problems.
Compound Crashes Leads To Users Getting ETH Locked For 7 Days
Compound Crashes Leads To Users Getting ETH Locked For 7 Days 7

This code makes it impossible for users who are lending or borrowing cETH (Compound ETH) to roll back their transactions. This means that users cannot borrow or withdraw collateral. Because of the above incident, users need to load in other types of assets to avoid liquidating existing loan positions.

According to an update from Security Solutions Architect Michael Lewellen of OpenZeppelin, the code bug came from the “getUnderlyingPrice” function, which did not update the price of cETH tokens, would return empty bytes and cause the call to be reverted.

“The primary issue right now is a temporary denial of service for the cETH market which will be resolved by the new governance proposal. No funds are at risk at this time. The rest of the cToken markets on Compound V2 and all of V3 remain functional,” Lewellen said.

Compound Crashes Leads To Users Getting ETH Locked For 7 Days
Compound Crashes Leads To Users Getting ETH Locked For 7 Days 8

The above error code caused the front end of Compound to stop working temporarily. Very soon, around 8 pm UTC on August 30, the protocol relaunched the front end normally. Compound founder Robert Leshner said on Discord:

“No funds seem immediately at risk. It will likely be seven days until cETH is functioning normally. There will potentially be more governance proposals to rectify the situation.”

Compound Labs reported that the coding flaw occurred despite the Oracle contract being reviewed by three independent smart contract auditing businesses, including OpenZeppelin and ChainSecurity, among the most recent firms to evaluate smart contracts.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News