TempleDAO Loses $2 Million in Latest Exploit

Funds were converted to ether and moved to a new wallet

article-image

Source: DALL·E

share

key takeaways

  • An estimated 1.1 million TEMPLE was sold off
  • The root cause of the exploit was insufficient access control to the migrateStake function, according to BlockSec

TempleDAO, a yield-farming DeFi protocol, has been exploited for around $2.34 million.

All funds exploited were converted to ether and then moved to a new wallet, where they now sit. 

The pseudonymous Doc Peppercorn, a contributor to TempleDAO, posted on its Discord group that a series of transactions through Stax Finance, a TempleDAO-affiliated dapp, led to the sell-off of an estimated 1.1 million TEMPLE, the primary token of the Temple Protocol.

“We are investigating what happened so we can bring you the full picture of how this occurred, what we did to resolve and any further remediation steps,” he wrote.

The root cause of the exploit was insufficient access control to a specific function in the Stax smart contract, according to security firm BlockSec.

Prior to the exploit, TempleDAO’s protocol’s total value locked was about $57 million, according to DeFiLlama. The exploit amounted to roughly 4% of the protocol’s assets. 

According to a recent report published by bug bounty and security services platform, Immunefi, DeFi protocols remain a key target for exploits in comparison to centralized finance — representing a total of 98.8% of losses in Q3 of 2022 — with the Nomad Bridge hack and the Wintermute exploit making up the majority of the losses.

The two most targeted chains were Binance’s BNB Chain, which was recently drained of over 2 million BNB, and Ethereum, according to the report.

At the time when the report was published, the BNB Chain had suffered from 16 individual attacks resulting in the loss of 28.6% of all losses across targeted chains, and Ethereum reported 13 incidents which represented 23.2% of total losses.

The exploiter’s address was originally funded from an address on the Binance Exchange, so it’s possible the exchange may have know-your-customer information on the culprit.

A Binance spokesperson did not immediately respond to a request for comment.

Stax Finance is exploring its options.

Loading Tweet..

Temple DAO said that its Core Vaults do not share code with Stax and are therefore unaffected.


Don’t miss the next big story – join our free daily newsletter.

Tags

Upcoming Events

HYATT REGENCY SALT LAKE CITY

TUES, OCT. 8, 2024

Guided by the expertise of Blockworks Research Analysts team, this one day event will feature senior leaders, entrepreneurs, and developers from across the crypto industry. Attendees will have the opportunity to participate in an immersive experience to explore the latest trends, […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

hivemapper.jpeg

Research

We believe crypto market participants overlook Hivemapper’s fundamental potential due to a poor understanding of both the niche map data market and Hivemapper’s positioning relative to incumbents. Hivemapper’s token model catalyzes both a cost and product advantage via unmatched map freshness and near real-time accuracy, which is its wedge into a market characterized by stale data and high data collection costs. Its current and potential future product suite may represent one of the strongest possibilities for PMF in crypto today.

article-image

As part of its 19b-4, the potential issuer included a correlation analysis of ETH that’s “substantially similar” to the BTC analysis done by the SEC before it approved the spot bitcoin ETFs

article-image

A greater focus on data availability sampling is top of mind, including additional work that layer-2s must do to become faster and more secure

article-image

The former FTX CEO was sentenced in a New York courtroom on Thursday

article-image

👨‍⚖️ SBF’s courtroom sequel: Plus, Coinbase’s legal loss was DeFi’s gain

article-image

Public mining companies have been acquiring sites, refreshing machine fleets and diversifying business models in preparation for the event