Rogue miners submitted phony price data that tricked decentralized stablecoin network PegNet into turning a small wallet balance into a $6.7 million stash.
Beginning initially with a wallet balance of $11, the group pushed the price of pJPY up to $6.7 million and then transferred it into pUSD - PegNet's USD-linked stablecoin.
PegNet is a decentralized network, built on top of the Factom protocol, where users can trade stablecoins pegged to 42 assets.
The network relies on miners to submit price data collected from a series of oracles and APIs to keep stablecoin prices pegged to their fiat equivalents.
With the fake exchange rate, the miners converted the inflated pJPY into pUSD so the overall wallet balance rose from $11 worth of pJPY tokens to well over 6.7 million pUSD which, assuming accurate price data, should be worth $6.7 million.
The way PegNet is configured means the identity of individuals controlling the mining entities cannot be known.
The attacker has since reached out to PegNet and claimed they were only trying to "Pentest the network and code logic," to identify potential vulnerabilities and notify core developers.
Johnston said PegNet would now review some of its oracle mechanisms, to ensure they are robust enough to withstand these sorts of attacks again in the future.
"The key is building systems like PegNet where individual users are not affected by the actions of others in the system. So because PegNet has no reserve or collateral held in a pool, there were no common user funds to drain."
PegNet isn't certain yet whether the miners were able to offload any of the pUSD on to cryptocurrency exchanges.
Miners Trick Stablecoin Protocol PegNet, Turning $11 Into Almost $7M Hoard
Published on Apr 22, 2020
by Coindesk | Published on Coinage
Coinage
Recent News
View All
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.