- Developers in the DeFi ecosystem announced ERC 7265, which proposes a circuit breaker to fix security concerns.
- The proposed standard outlines a smart contract interface that triggers a halt when token outflows exceed a set threshold.
- Through a delay in settlement and the temporary custody of outflows, exploits like Poly Network are likely to be avoided.
DeFi researchers working on tackling exploits in the ecosystem have proposed ERC 7265 to fix the security concerns on protocols like Poly Network, a platform that was recently hacked. The team of developers identified the key driver of the exploits – a lack of response time.
Developers put together the ERC 7265 proposal, outlining the process of mitigating DeFi exploits in the future.
DeFi projects likely to tackle future exploits in this manner
Hackers stole over $204 million from DeFi projects in Q2 2023, according to Bank Info Security’s recent report. The total value of exploits stood at $208.5 million, of which $4.5 million was recovered by affected projects.
In Q2 2022, the total number of hacks was 17. The same quarter this year, however, saw the number climb to 117, highlighting the need for ramping up DeFi security infrastructure. The recent Poly Network hack inspired a group of researchers to release ERC 7265. The proposal identifies the key driver of the exploit as a lack of response time.
Developers, including Diyahir Campos and Meir Bank, released the proposal on Github by describing ERC 7265 as the proposal that acts as a “Circuit Breaker” to trigger a protocol-wide halt on outflows if the threshold for a predefined metric is exceeded.
ERC 7265 proposal by DeFi researchers
Offering the protocol higher monitoring and response time could tackle exploits where large volumes of tokens are minted and flow out of the protocol’s bridges. Meir Bank, a Fluid Protocol developer, shared the details of the proposal in a recent tweet:
State of Poly Network after the exploit
The Poly Network was hacked on July 2, and the attacker has collected $10 million in profits from the exploit. The hacker also left millions in tokens on the platform that could not be cashed out due to liquidity constraints. SlowMist, a crypto security firm, is following the attacker’s moves and reporting them in their tweet thread.
MistTrack Alert Update— MistTrack️ (@MistTrack_io) July 3, 2023
We have discovered two new stolen transactions of over 3 million USDC and over 2.6 million USDT.
The attacker swapped $USDC to 1,557.36 $ETH and stayed at the address (0x2f6c...7b82), and swapped $USDT to 1,371.64 $ETH and stayed at the address… https://t.co/KdzTe2uhl1 pic.twitter.com/D1HW8Zh7D4
This is not the first time Poly Network has faced a damaging attack. Back in August 2021, hackers stole some $600 million worth of crypto from the platform.
Like this article? Help us with some feedback by answering this survey:
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.
If not otherwise explicitly mentioned in the body of the article, at the time of writing, the author has no position in any stock mentioned in this article and no business relationship with any company mentioned. The author has not received compensation for writing this article, other than from FXStreet.
FXStreet and the author do not provide personalized recommendations. The author makes no representations as to the accuracy, completeness, or suitability of this information. FXStreet and the author will not be liable for any errors, omissions or any losses, injuries or damages arising from this information and its display or use. Errors and omissions excepted.
The author and FXStreet are not registered investment advisors and nothing in this article is intended to be investment advice.