Tuesday, November 24, 2020
Home Decrypt News Eminence Finance Exploit Leads to 'Degen' Soul Searching

Eminence Finance Exploit Leads to 'Degen' Soul Searching

The latest “test in prod” experiment from Yearn founder Andre Cronje has many degen traders questioning their YOLO nature following a flash loan attack of contracts that hadn’t been officially released to the public yesterday afternoon.

Eminence Finance, an NFT gaming ecosystem that was still in development, was exploited by a hacker who stole $15M after traders rushed to farm EMN – a token meant to act as a reward stablecoin with zero inherent value.

“It’s a flat currency, not a token,” Cronje commented in a private group. “Meant for non speculative ingame purchases only.”

No Announcement

There was no official announcement on the launch or public website. All it took was an eminence.finance Twitter account, cryptic tweets, and Cronje’s retweets, for traders to find the contracts and flood into the mysterious protocol, hoping to get in early on “the next YFI.”

The contracts were about 3 weeks from completion by Cronje’s account and hadn’t been properly tested and secured. This gave one savvy hacker the opportunity to use a flash loan to drain the pool of all its funds less than three hours after the project went viral on Crypto Twitter.

A Series of Unfortunate Events

A flurry of activity rose around the release of Eminence Finance after a public Twitter account showcasing different factions or teams for popular DeFi protocols like Chainlink “Marines”’ and Synthetix “Spartans” was unveiled and retweeted by Cronje.

A series of related tweets and posts stemmed from that, including a Medium a blog post on how to “manually mint http://Yearn.finance latest creation, Eminence ($EMN).”

“Aping” In

Once confirmed as being deployed from the primary Yearn address, many were quick to start interacting with the contract, depositing DAI to mint EMN directly through the contract prior to a front-end being available. It’s important to highlight, this wasn’t just unaudited code like the case of Sushi or Yam; there was no information or even a front-end. Nobody knew exactly what the project was. All there was were a few speculative tweets.

The premise of an NFT-based Battle Royale incubated by Cronje was enough to get degens excited, with many blindly deploying funds in a term coined as “aping”—or rushing to throw money into an unaudited smart contract.

The Hack

As degens began to flock into the faction of their choosing, a hacker was able to use a flash loan to mint EMN on a tight bonding curve to increase the price. For every EMN minted, the price would increase incrementally along the curve. As the price increased, the hacker burned EMN for any of the wrapped eTokens—Eminence’s native versions of popular DeFi tokens like Aave – to cause a large supply drop and increase the token price dramatically.

This gap allowed the hacker to acquire large sums of EMN and then sell the other tokens to recursively cash in DAI profits.

Image source: Banteg

15 Million Dai

In total, nearly 15M of DAI was siphoned in the process, leaving virtually all participants with nothing but a lesson in diligence to show.

Luckily for those affected, the hacker has graciously returned $8M of lost funds, good for a forthcoming 50% refund as per balances taken at a snapshot the block before the hack took place.

Now, many are left to theorize why any funds were returned at all, and whether or not this exploit marks the death of Eminence Finance before it ever began.

Risk of Unaudited Code

Cronje has signaled that the experiment is beyond recovery. Despite a fascinating premise, Andre’s diehard following has taken testing in prod over the edge, showing that not all unaudited contracts are exploit-free.

While this is certainly not the last experiment from Cronje, let Eminence show that until there is an official Medium post about a project the DeFi rockstar is affiliated with, these contracts are not meant to be toyed with.

By Cooper Turley

[This story was written and edited by our friends at The Defiant, and also appeared in its daily email. The content platform focuses on decentralized finance and the open economy and is sharing stories we think will interest our readers. You can subscribe to it here.]

Popular Articles

Nigeria is establishing a framework for widescale crypto adoption

Africa’s largest economy has become a bastion for...

Bitcoin Cash Price Prediction: BCH/USD Retreats after the Price touches $373 Resistance Level

BCH Price Prediction – November 24 BCH/USD is following bullish sentiment as the daily chart reveals while the sellers are waiting to scalp gains from...

Mike McGlone: Bitcoin Likely to Hit $170,000 In Two Years

Bloomberg’s Mike McGlone has emerged to mention that the price of bitcoin could potentially reach $170,000 come 2022. McGlone Is Always There When Bitcoin Spikes McGlone...

What would Commerce Secretary Andrew Yang mean for crypto?

President-elect Joe Biden is reportedly considering crypto-friendly Andrew Yang as his future Secretary of Commerce. According to a CNN report “based on conversations with Biden...

Coinbase Scraps Bitcoin Tax Form That Led Users to Overpay

In brief Coinbase is scrapping an old tax form. Its new form will go to anyone who made at least $600 from certain Coinbase products. The old...

Ethereum 2.0 Deposit Threshold Met: Proof-of-Stake ‘Beacon’ Chain Starts in 7 Days

The Ethereum network’s ETH 2.0 contract has crossed the threshold needed to initiate the upcoming upgrade. Currently, there’s more 694,368 ether worth over $422...