{"id":546982,"date":"2023-02-02T22:00:00","date_gmt":"2023-02-02T19:00:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/lack-of-liquidity-mitigated-damages-to-bonqdao-exploit-report\/"},"modified":"2023-02-02T22:00:00","modified_gmt":"2023-02-02T19:00:00","slug":"lack-of-liquidity-mitigated-damages-to-bonqdao-exploit-report","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/lack-of-liquidity-mitigated-damages-to-bonqdao-exploit-report\/","title":{"rendered":"# Lack of liquidity mitigated damages to BonqDAO exploit: Report"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a416885d4309\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a416885d4309\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/lack-of-liquidity-mitigated-damages-to-bonqdao-exploit-report\/#%E2%80%9D_Lack_of_liquidity_mitigated_damages_to_BonqDAO_exploit_Report_%E2%80%9C\" >&#8221; Lack of liquidity mitigated damages to BonqDAO exploit: Report &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Lack_of_liquidity_mitigated_damages_to_BonqDAO_exploit_Report_%E2%80%9C\"><\/span>&#8221; Lack of liquidity mitigated damages to BonqDAO exploit: Report &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjMtMDIvMzYzYzUxNmQtN2RkYS00ZDU1LWFmODctNDQxYmQxOGMxNzU4LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-5a4050f8>According to blockchain security firm CertiK, the damage caused to decentralized protocol BonqDAO on Feb. 1 may have been much less than initially thought.\u00a0<\/p>\n<p>As told by CertiK, the attacker first borrowed 100 million BEUR, a euro stablecoin, with less than $1,000 in collateral due to a lack of controls on the collateralization ratio. If users set the parameter to zero, then the platform defaults to returning the &#8220;maximum value of uint256,&#8221; allowing an astronomical sum of loans to be issued.<\/p>\n<p>However, CertiK said that despite the attacker borrowing 100 million BEUR (around $120 million at the time of attack), the hacker only managed to withdraw around $1 million due to a lack of liquidity on the platform. Previously, blockchain security firms such as PeckSheild stated that around $120 million was lost during the attack.<\/p>\n<p>Bonq is a fork of Liquity Protocol, which, similar to that blockchain, uses Troves to represent isolated debt positions. However, Bonq reportedly implemented a Community Liquidation Feature where 45 Troves with BEUR exposure were liquidated due to the incident. According to CertiK, the attack also impacted Troves containing <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>roximately 110 million Alliance Block tokens (ALBT). That said, none of the Alliance Block smart contracts were breached during the incident, and the project has said it will airdrop new tokens to compensate affected holders.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Bonq protocol was exposed to an oracle hack, where exploiter increased the ALBT price and minted large amounts of BEUR. The BEUR was then swapped for other tokens on Uniswap. Then, the price was decreased to almost zero, which triggered the liquidation of ALBT troves.<\/p>\n<p>\u2014 BonqDAO (@BonqDAO) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/BonqDAO\/status\/1620908233761378304?ref_src=twsrc%5Etfw\">February 1, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>Although a lack of liquidity appears to have mitigated damages to BonqDAO during the incidents, others were not so lucky. On Oct. 12, DeFi protocol Mango Markets initially lost $116 million after hacker Avraham Eisenberg manipulated the price of the MNGO token price, driving it up 30 times via enormous perpetual future contracts within a short period. This was possible as a relatively small initial capital was required to manipulate MNGO due to low liquidity.\u00a0<\/p>\n<p><em><strong>Related: <\/strong><strong>How low liquidity led to Mango Markets losing over $116 million<\/strong><\/em><\/p>\n<p>Afterward, Eisenberg acquired a loan for $116 million using $423 million of his inflated MNGO holdings as collateral and siphoned funds from the platform. On Dec. 28, Eisenberg was arrested in Puerto Rico on charges of commodities manipulation and commodities fraud.\u00a0<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/lack-of-liquidity-mitigated-damages-to-bonqdao-exploit-report\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Lack of liquidity mitigated damages to BonqDAO exploit: Report &#8220; According to blockchain security firm CertiK, the damage caused to decentralized protocol BonqDAO on Feb. 1 may have been much less than initially thought.\u00a0 As told by CertiK, the attacker first borrowed 100 million BEUR, a euro stablecoin, with less than $1,000 in collateral&#8230;<\/p>\n","protected":false},"author":1,"featured_media":546983,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/s3.cointelegraph.com\/uploads\/2023-02\/363c516d-7dda-4d55-af87-441bd18c1758.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74894,74863,74868,74882,70944],"class_list":["post-546982","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-blockchain","tag-cryptocurrencies","tag-defi","tag-hacks","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/546982","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=546982"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/546982\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/546983"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=546982"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=546982"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=546982"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}