- dYdX has identified the perpetrator behind a targeted attack on its v3 platform, resulting in a $9 million loss from its insurance fund.
- dYdX is exploring the possibility of taking legal action against the responsible individual, aiming to hold them accountable for the attack.
- To prevent future coordinated attacks, dYdX has bolstered its v3 trading platform, improved open-interest monitoring, and introduced alerts.
dYdX, the decentralised exchange, has successfully unmasked the perpetrator responsible for the assault on its v3 platform that occurred on November 17, 2023, resulting in a substantial $9 million loss from its insurance fund.
In a detailed post-mortem analysis of this “targeted attack,” dYdX has confirmed its intention to explore legal action against the individual responsible.
To preempt potential future coordinated attacks utilising similar tactics, dYdX has fortified its v3 trading platform by enhancing open-interest monitoring and implementing alert mechanisms.
The exchange has unveiled its enhanced v4 chain, custom-designed to mitigate such risks effectively. This updated version includes a novel feature that automatically adjusts the initial margin fraction in response to abnormal price fluctuations.
The modus operandi of the attack
dYdX identified that the assailant initiated numerous 5x leveraged long positions using the YFI/USD trading pair across over 100 wallets. Employing various addresses, the attacker purchased spot tokens of Yearn.finance (YFI), causing a remarkable 215% surge in its price.
YFI serves as the native token of the Yearn.finance decentralised finance protocol.
According to the exchange’s findings, the attacker expanded their unrealised profits by entering additional YFI/USD positions, reaching a peak of approximately $50 million. Responding to these activities, dYdX increased the initial margin requirement and reduced the base and incremental position sizes in the YFI/USD market on November 17th to curtail the attacker’s maneuvers.
The following day, YFI’s price plummeted by nearly 30% within an hour, rendering the attacker incapable of closing their positions. When the attacker’s holdings turned negative, the insurance fund automatically covered their losses, as clarified by dYdX.
The platform also revealed that a week prior to the YFI incident, the same strategy had been employed by the attacker on the SUSHI/USD pair, resulting in gains of approximately $5 million. However, this had no impact on the v3 insurance fund because dYdX had elevated the initial margin requirement to 100%, thereby thwarting any further gains by the attacker.
It is essential to note that these attacks did not affect customer funds, and the attacker did not profit from manipulating the YFI market, as asserted by the company.