{"id":433326,"date":"2022-04-18T06:51:48","date_gmt":"2022-04-18T03:51:48","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/beanstalk-farms-loses-182m-in-defi-governance-exploit\/"},"modified":"2022-04-18T06:51:48","modified_gmt":"2022-04-18T03:51:48","slug":"beanstalk-farms-loses-182m-in-defi-governance-exploit","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/beanstalk-farms-loses-182m-in-defi-governance-exploit\/","title":{"rendered":"# Beanstalk Farms loses $182M in DeFi governance exploit"},"content":{"rendered":"<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Beanstalk_Farms_loses_182M_in_DeFi_governance_exploit_%E2%80%9C\"><\/span>&#8221; Beanstalk Farms loses $182M in DeFi governance exploit &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-2a0745c6>Credit-based stablecoin protocol Beanstalk Farms lost all of its $182 million collateral from a security breach caused by two sinister governance proposals and a flash loan attack.<\/p>\n<p>The problem for the protocol was seeded by suspicious governance <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/address\/0x259a2795624b8a17bc7eb312a94504ad0f615d1e#code\">proposals<\/a> BIP-18 and BIP-19 issued on April 16 by the exploiter that asked for the protocol to donate funds to Ukraine. However, those proposals had a malicious rider attached to them which ultimately created the sinkhole of funds from the protocol according to smart contract auditor <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/BlockSecTeam\/status\/1515732238612430849\">BlockSec<\/a>.<\/p>\n<p>This latest security breach of a decentralized finance (DeFi) protocol took place at 12:24 pm UTC. At that time, the exploiter took out $1 billion in flash loans from the AAVE (AAVE) protocol denominated in DAI (DAI), USD Coin (USDC), and Tether (USDT) stablecoins. 
They used these funds to accumulate enough assets to take over 67% of the protocol\u2019s governance and <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/tx\/0xcd314668aaa9bbfebaf1a0bd2b6553d01dd58899c508d4729fa7311dc5d33ad7\">approve<\/a> their own proposals.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We\u2019re engaging all efforts to try to move forward. As a decentralized project, we are asking the DeFi community and experts in chain analytics to help us limit the exploiter&#8217;s ability to withdraw funds via CEXes. If the exploiter is open to a discussion, we are as well. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/fwceVz6hbi\">https:\/\/t.co\/fwceVz6hbi<\/a><\/p>\n<p>\u2014 Beanstalk Farms (@BeanstalkFarms) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/BeanstalkFarms\/status\/1515747114894065664?ref_src=twsrc%5Etfw\">April 17, 2022<\/a><\/p><\/blockquote>\n<p>A flash loan must be executed and repaid within a single block and usually calls on several smart contracts at once to complete. Flash loans have been used in the past to perform hacks or security exploits of other protocols. Beanstalk Farms is a decentralized algorithmic stablecoin issuing platform on Ethereum.<\/p>\n<p>This case was technically not a hack as the smart contracts and governance procedures functioned as designed. 
Flaws in their design were exploited, which project spokesperson \u201cPublius\u201d acknowledged in a meeting on April 18th when he said:<\/p>\n<blockquote><p>\u201cIt\u2019s unfortunate that the same governance procedure that put beanstalk in a position to succeed was ultimately its undoing.\u201d<\/p><\/blockquote>\n<p>Blockchain security analysis firm PeckShield notified the Beanstalk team via <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/peckshield\/status\/1515671775085928448\">Twitter<\/a> at 12:41pm UTC on April 17 that there might be an issue with the ominous statement: \u201cHi, @beanstalkFarms, you may want to take a look.\u201d<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Our initial analysis shows the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/BeanstalkFarms?ref_src=twsrc%5Etfw\">@BeanstalkFarms<\/a> loss is ~$182m ! Here is the breakdown of stolen assets: 79,238,241 BEAN3CRV-f, 1,637,956 BEANLUSD-f, 36,084,584 BEAN, and 0.54 UNI-V2_WETH_BEAN. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/8OzPn8F8ot\">https:\/\/t.co\/8OzPn8F8ot<\/a><\/p>\n<p>\u2014 PeckShield Inc. (@peckshield) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/peckshield\/status\/1515713013868814336?ref_src=twsrc%5Etfw\">April 17, 2022<\/a><\/p><\/blockquote>\n<p>At that point, it was too late. The exploiter had already made off with roughly $80 million in Ether (ETH) and Beans (BEAN) while the entire protocol lost its $182 million in total value locked (TVL) according to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/peckshield\/status\/1515713013868814336\">PeckShield<\/a>. 
BEAN is currently down about 83% trading at $0.17 according to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.coingecko.com\/en\/coins\/bean\">CoinGecko<\/a> but troughed at $0.06 when the exploiter dumped their tokens.<\/p>\n<p>The exploiter swapped BEAN for ETH and then sent the coins to Tornado Cash to cover their digital tracks. However, they also sent 250,000 USDC to the Ukraine Crypto Donation wallet. <\/p>\n<p>At 11:49 pm UTC on April 17, Publius wrote that the project is likely lost since there is no venture capital backing to recoup losses, adding \u201cWe are f**ked.\u201d<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-04\/4c56dcc1-071b-424f-82c1-699d23aec6b9.jpg\"><\/figure>\n<p>In a team and community meeting on the Beanstalk Discord channel on April 18, Publius doxxed the three individuals who developed the project. 
They are Benjamin Weintraub, Brendan Sanderson, and Michael Montoya, all of whom attended the University of Chicago together and conceived Beanstalk Farms.\u00a0<\/p>\n<p>Montoya said that the team had reached out to the Federal Bureau of Investigation (FBI) Crime Center and would \u201cfully cooperate with them to track down the perpetrators and recover funds.\u201d <\/p>\n<p>The protocol\u2019s smart contracts have been paused and all governance privileges have been revoked by the team.<\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>North Korean Lazarus Group allegedly behind Ronin Bridge hack<\/em><\/strong><\/p>\n<p>The team did not respond when Cointelegraph asked if they believe the FBI has any legal recourse to help them, but Publius believes this is definitely a theft that should be investigated.<\/p>\n<p>Beanstalk\u2019s community has been mostly supportive of the team in the trying time despite their own tremendous personal losses. However, community member \u201cAstrabean\u201d believes the team should be taking more responsibility for the attack rather than accepting what happened as an honest mistake that the project must move on from. He stated that \u201cI would have wanted you as leaders to take accountability for what happened.\u201d<\/p>\n<p>Community member \u201cCharlieP\u201d echoed those concerns about trust in the protocol. He asked the team \u201cAre you saying you have no responsibility for this endeavor? If that\u2019s the case, who are we to trust that this is not going to happen again?\u201d<\/p>\n<p>Publius responded that the project is just an open-source code experiment, not a business and that neither he nor the team should be held accountable for what happened. 
He added,<\/p>\n<blockquote><p>\u201cWhen you ask us to take responsibility, it\u2019s really inappropriate.\u201d<\/p><\/blockquote>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/beanstalk-farms-loses-182m-in-defi-governance-exploit\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Beanstalk Farms loses $182M in DeFi governance exploit &#8220; Credit-based stablecoin protocol Beanstalk Farms lost all of its $182 million collateral from a security breach caused by two sinister governance proposals and a flash loan attack. 
The problem for the protocol was seeded by suspicious governance proposals BIP-18 and BIP-19 issued on April 16&#8230;<\/p>\n","protected":false},"author":1,"featured_media":433327,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDQvMDYyOTE5NTQtMTFkOC00NWU3LWFhZTUtODkzNDA1Zjc0MjJlLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[120274,74868,72287],"class_list":["post-433326","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-decentralisation","tag-defi","tag-security"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/433326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=433326"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/433326\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/433327"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=433326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=433326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=433326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}