Warp Finance, a DeFi lending protocol that suffered $ 8 million in flash credit shortly after its release, is now planning a relaunch that includes integration with Oracle Chainlink.
Chainlink oracles have been reported to include as a defense against such attacks. Fast Loans take advantage of a feature that allows you to borrow an unlimited amount of money if it is also returned in the same Ethereum block. According to the team, security experts decided that the main reason for the breach was Oracle price.
The problem appears to be exacerbated by the fact that Warp Finance is using tokens from liquidity providers as collateral. This feature is one of the main arguments in favor of the protocol, as it makes it possible to convert income-generating tokens as collateral, and to collect income from trading fees and borrowers who use the protocol.
According to DeFi whitehat hacker Emiliano Bonassi, the exploit was based on Warp Finance’s errors in estimating the underlying value of pool signals. The new protocol will use Chainlink price streams for all important features – especially the value of LP tokens used for security.
Chenlink and its founder, Sergey Nazarov, often insisted that the price oracle should cover as much of the market as possible. In fact, many flash credit lenders are closer to market manipulation than outright software failure. Even without the malicious intent, events such as the complex overhaul in November could have been prevented with greater market coverage. The composite solely relied on prices from Coinbase and Uniswap, which temporarily recorded a heavily inflated price for Dai.
When Cointelegraph was asked why Warp Finance initially did not use Chainlink oracles, the spokesperson replied:
“Uniswap oracles was an option for many projects looking for pricing information for different uses. So we launched a beta phase like other lending platforms with the ability to update later.”
The spokesperson also noted that a large percentage of DeFi projects do not use Chainlink, and they believe the reboot “gives our users much more confidence in the security of our protocol.”
Warp Finance has also developed a compensation plan for affected users, which already recovers 73% of the stolen money.