OptiFi, a decentralized finance (DeFi) protocol focused on derivatives and based on the Solana blockchain, accidentally shut down its Mainnet platform due to a programming error, rendering all funds inaccessible. The problem arose when the company tried to update their code, but the developer responsible for the update entered the wrong command. The incident report, released on Tuesday, says some $661,000 in USDC is now permanently locked in the program. OptiFi, however, said it would issue full refunds to affected users.
DeFi (decentralized finance) is the term used to describe financial transactions carried out on a blockchain without the intervention of an intermediary. Although cryptocurrency proponents tout the benefits of this system, there are several risks associated with DeFi that relate to theft (rug pulls) and fraud, but this is one of the first cases where a programming error has occurred. led to the complete destruction of the system. OptiFi explained on Monday that one of its developers used the command solana program close when updating the system, but it was the wrong command.
On August 29, around 06:00 UTC, we performed a code update to our Solana program, so our deployer tried to update the OptiFi program on the Solana mainnet. However, we accidentally used the command solana program close, which resulted in the closure of our OptiFi program on the mainnet. All user funds and open positions on OptiFi have been locked in PDAs, $661K in total (AMM vault, user account, etc.) and it is not possible to recover them at the time of writing,” says OptiFi in its incident report.
OptiFi’s experience demonstrates once again that a single mistake in DeFi can have permanent and very costly results. OptiFi promised to refund all user funds, but explained that around 95% of inaccessible crypto funds were held by a member of the team. The refund process should take up to two weeks. In the report, OptiFi detailed the process by which its developers accidentally closed access to the program. OptiFi will learn from this misadventure and continue to build for all those who trust us, he tweeted.
Sincere apologies to all users who trusted us and were affected by our mistakes, the company added. While the OptiFi team took full responsibility for the error that led to their program being permanently locked, they did take the opportunity to make suggestions to Solana Core Developers to help others avoid a similar situation. The OptiFi team wants more official documentation on the order solana program closeas well as an additional confirmation step for application developers before confirming the instruction.
We ask all Solana developers to be careful when using solana program close. We suggest that Solana maintainers add the warning about the fatal result of closing a program in the Solana docs and Command Line Interface (CLI) to help Solana developers understand this feature. the company said. OptiFi launched on the Solana Mainnet earlier this month. The update was supposed to deploy a new version of its program with new useful functions, but it failed.
Every deployment needs a rigorous process and single point failure can be avoided. Please don’t rush like what we did, especially for DeFi projects,” the OptiFi team said. The OptiFi misadventure is reminiscent of the incident recently reported by the team at Crypto.com, a cryptocurrency exchange platform. Crypto.com accidentally transferred 10.5 million Australian dollars (~7.2 million US dollars) to an Australian customer instead of issuing a standard refund of 100 Australian dollars (~68 US dollars) due to an error of hitting.
Crypto.com reportedly only noticed the error seven months later, and by then some of the money had already disappeared. The initial transfer reportedly took place in May 2021 after an employee accidentally typed an account number into the payment amount field. Crypto.com reportedly only realized the error when performing an audit in December 2021. Instead of reporting the incorrect refund to Crypto.com, the client in question, Thevamanogari Manivel, reportedly transferred the money to a joint account and spent around US$890,526 on a luxurious five-bedroom house for his sister.
Now the company is fighting to get its money back by filing a lawsuit in the Supreme Court of Victoria. Crypto.com successfully froze Manivel’s account in February. The court also ordered Manivel to sell the house and return the money (with interest) to the stock exchange. The case will resume in court next October. Finally, of late, NFT sales volume and cryptocurrency prices have fallen significantly, a downturn that has been dubbed “crypto winter.” This situation has cost investors millions of dollars since the beginning of the year.
Previously, Nomad, an interblockchain cryptocurrency transfer service, lost over $150 million due to a coding error. Security researchers have revealed that the vulnerability exploited by attackers lies in Nomad’s smart counter. An audit of Nomad’s code would have revealed this flaw a month earlier, but the company did not fix it. Incidents of this type, especially attacks by hackers, are frequent and highlight the weaknesses of decentralized finance.
Source: OptiFi
And you?
What is your opinion on the subject?
What do you think of the OptiFi team’s misadventure?
What do you think of the OptiFi team’s recommendations to Solana developers?
What do you think of decentralized finance (DeFi)? Do its benefits outweigh the risks?
See as well
Crypto.com accidentally transfers $10.5M to a woman instead of $100. Almost a year later, the platform demands full reimbursement of the sum and launches legal action
Is the concept of Web3 a new joke? Proponents believe it’s the only way to regain internet freedoms, but critics say it’s just a ‘buzzword’
Trading volume on the leading NFT marketplace, OpenSea, is down 99% since May, indicating that the NFT bubble continues to shrink