- Uniswap Liquidity Providers Phished For Over 4000 ETH (>7 Million USD)
- Smart Contract Seems Safe, Says Uniswap and Binance Teams
- $UNI Token Down 5% Intra-Day, Slight Recovery Since
As one of the oldest cryptocurrency projects, Uniswap has amassed a TVL of over 4.8 billion dollars. Putting it as the leading DEX (Decentralized Exchange) across all chains, Uniswap has managed to innovate and miraculously retain market share in the crypto ecosystem.
Thanks to its longevity, many users trust the platform to be a safe and secure platform for their funds.
Earlier today, Binance’s CEO Changpeng Zhao, also known as CZ, warned his followers that Uniswap may be under attack. So, was Uniswap actually hacked, and what would that mean for the crypto ecosystem?
A Billion-Dollar Problem
A few hours ago, CZ posted this ominous tweet of the Uniswap protocol coming under attack on the Ethereum blockchain. Upon further inspection on Etherscan, it seems that a liquidity pair (LP), represented in the form of an NFT, was phished.
This was later confirmed by both the Binance and Uniswap teams. Instead of a smart contract vulnerability, the funds were phished from various individual liquidity providers. This includes a myriad of liquidity pools, and no individual one has been drained.
While the net amount of $7 Million is an eye-watering number, it accounts for only 0.15% of Uniswap’s TVL. This implies that liquidity will remain deep for the time being.
At the time of writing, 99.9% of the funds have been transferred out of the phisher’s account via tornado cash.
The DEX’s native token, $UNI, also suffered a sharp crash before a slight recovery.
The Cryptocurrency Hackathon
This saga is just the latest in a series of multi-million-dollar hacks.
From Ronin to the Polygon network, hackers and phishers are getting more creative each and every day. To make things worse, it is likely that state-sponsored North Korean hackers are behind many of these exploits.
Furthermore, even if protocols get audited – which are not a guarantee for security, individual users can still be targeted. It seems that projects getting rekt has become a question of not if, but when.
Contagion effects are also a problem, highlighted in both the wormhole and Harmony hacks. Even one point of failure means billions in tokens that could be worth nothing unless a bailout of some form happens.
From a wider angle, bailouts are becoming increasingly frequent in the crypto ecosystem, and while these are good short-term patches, they forgo the key concept of decentralization. While centralized entities can keep pumping cash to keep projects afloat, that would be no different from traditional finance institutions.
The vulnerability of Web 3.0 projects also translates into a depressed state of investor confidence. Not only can we not keep our tokens on-chain, but centralized exchanges and lending platforms are also going bust.
While using a cold wallet for all activities and having separate devices for daily use has become weathered sage advice, it is far from a seamless experience. Until security and user experience is at the forefront of the industry, it will be impossible to achieve mass adoption.
Featured Image: Zipmex