The Acala parachain team in the Polkadot ecosystem has returned 2.97 billion aUSD stablecoins minted as a result of the exploit.
The incident occurred due to a bug in Acala’s smart contract that manages the iBTC/aUSD liquidity pool. The bug allowed 16 addresses to mint more than 3 billion ‘stablecoins’.
As a result of the first trace, the Acala team identified 1.29 billion erroneously minted aUSD across 16 addresses. The assets were blocked pending a community decision.
Incident trace report #1: This is the 1st published batch of trace results. The 1.288B erroneously minted aUSD have been identified and their transfers are disabled until a pending Acala community governance decision resolves the error.
Thread below:https://t.co/KazsYLxzqK
— Acala (@AcalaNetwork) August 15, 2022
To speed up possible response to the incident, developers tabled a proposal to shorten the voting period from five days to one day and to reduce the duration to eight hours.
Referendum #23 (Runtime upgrade to expedite referenda) is now tabled for a vote.
➡️Acala voters can vote here: https://t.co/oDLJ8HJc4l
Related community proposal: https://t.co/Lwh2ISrXys
— Acala (@AcalaNetwork) August 17, 2022
The first traced amount, per the community decision, was returned to the Honzon protocol for burning.
The decision on the second trace tranche of 1.68 billion erroneous coins was brought to the community for consideration.
A community proposal related to Trace #2 was submitted earlier today to return 1.68B aUSD error mints in iBTC/aUSD LP, & other assets obtained from the aUSD error mints. A sentiment vote is live to gather reaction:
Proposal: https://t.co/u6hGTNpXeZ
Vote: https://t.co/UQcsi6kyCA
— Acala (@AcalaNetwork) August 18, 2022
Up to 99% of the stablecoins minted due to the bug remained within the network; however, a small portion was swapped for DOT tokens and sent to exchanges. The Acala team set a bounty for funds recovery.
A third trace found 176,725 DOT was sent from Acala to Polkadot by 8 of the 16 identified addresses. Of the ~176k DOT, 41,999 DOT was sent to an exchange from 1 address, and 134,726.44 DOT remain on Polkadot.
👉Bounty info in thread below
Results: https://t.co/IBcur4Ys0d
— Acala (@AcalaNetwork) August 18, 2022
As of writing, the dollar-pegged stablecoin aUSD was trading at around $0.90. After the minting of billions of additional coins, the asset’s price fell below a cent.
Earlier, the Acala project became the winner of the first parachain-slot auction for Polkadot.
Follow ForkLog’s bitcoin-news on our Telegram — cryptocurrency news, prices and analysis.