Beanstalk Farms, the stablecoin based on credit, recently had to lose an aggregate amount of $182 million as collateral damage due to a breach in security. This breach happened due to two proposals of sinister governance and a loan attack. This issue for the protocol was initiated by two proposals of the governance that were quite fishy namely, BIP-18 and BIP-19.
Beanstalk Suffered From Exploitation Of Their Governance Proposal System
These proposals were authorized this Saturday by the schemer who specifically asked about the protocol for a donation of funds to Ukraine. As per BlockSec, the auditor of smart contract, it was never realized that these proposals contained a spiteful rider that made the sinkhole of funds. The mentioned breach of security of protocol of DeFi happened at 12.24 p.m. UTC.
The exploiter with the help of that breach had taken out $1 billion in the form of flash loans from the protocol of AAVE which were further denominated in USD coin, DAI, and USDT stablecoins. The above-mentioned funds were utilized for the accumulation of huge assets that was enough to take over 67% of the governance of the protocol and to get the approval of their proposals.
Beanstalk Farms posted on Twitter that they are trying very hard to get past this breach and loss. They requested the entire community of DeFi and chain analytics experts to help them to catch the exploiter. If both of them work together, the exploiter won’t be able to withdraw money through CEXes. Beanstalk also suggested that if the schemer would be ready to negotiate, they would also cooperate.
In the past, there were many situations where flash loans were used for performing exploits and hacks. This particular case cannot be given the term hack as procedures of governance and smart contacts were functioning normally and the issues in the design were taken advantage of.