In 2020, the blockchain industry will be turbulent and hot spots will continue. The price of Bitcoin continues to break new highs amid positive gains, one step away from 30,000 US dollars. Risk incidents occur frequently under the flowers. The editor sorted out the eight major risk events with great influence this year. Macroeconomics, technology, supervision and team risks have always highly affected the health of the industry.
1.312 Black Swan: Bitcoin’s biggest one-day drop in three years
The global epidemic has escalated, financial markets have broken down, and a liquidity crisis has broken out. On March 12, Bitcoin began to plummet from US$8,000. The daily decline of Bitcoin was about 40%, with an amplitude of more than 80%, and the lowest fell to US$3,800, the lowest since February 2019. The cost price of many mining machines was broken down, and the USDT stable currency had a premium of 9.86%. The exchange was down, the transfer of funds on the chain was congested, the market was sorrowful for a while, and investor beliefs collapsed.
In this dark incident, the nature of Bitcoin’s safe-haven asset was seriously questioned early and many problems were exposed. The most serious of these is the liquidity problem of Bitcoin; the second is the platform performance touted by many trading platforms. In fact, most platforms are more or less unstable in the face of actual crises. These problems caused further blockage of Bitcoin’s liquidity channels, aggravated market fears, and caused prices to continue to fall.
2. Cover Protocol contract loopholes lead to a large number of additional issuances
On December 28, 2020, the DeFi insurance project Cover Protocol was attacked by hackers. Hackers cashed out on DEX such as SuShiSwap and Uniswap, which directly led to the issuance of more than one trillion tokens of COVER. Under the influence of the attack, the price of its token plummeted from $800 to a minimum of $9.
After the incident, centralized exchanges such as OKEx and Matcha immediately closed Cover deposits and withdrawals, and Binance suspended Cover trading. After that, the official Cover Protocol team also advised investors not to buy COVER again.
On December 30, Cover Protocol released a new token and ETH compensation plan, saying that it will calculate the height of 11,541,218 blocks as a snapshot, and compensate different users for the new token and ETH.
3. Compound was attacked by oracles and nearly 90 million US dollars of assets were liquidated
On November 26, Compound’s $87,837,568 million assets were liquidated. The reason for this liquidation is suspected to be due to the dramatic fluctuations in the DAI price of Coinbase Pro, Compound’s price feed information source.
Compound founder Robert Leshner responded to this attack. The liquidation incident has nothing to do with Compound’s own contract, and it is suspected that offline oracle data sources have been attacked. Most users are not affected.
The reason why this attack occurred is that the minimum mortgage rate requirements for different currencies in Compound are different, and DAI is generally 75%. The large fluctuations in the price of DAI caused large fluctuations in the normally safe mortgage rate (debt value/collateralized asset value), thus triggering the liquidation line.
Compound is a typical DeFi project and is decentralized. A decentralized lending platform has always used a self-built centralized oracle, which is very contradictory. Therefore, it is recommended to use a decentralized oracle service that conforms to the nature of the blockchain is the best solution to avoid such incidents.
4. Yam contract vulnerability, “99% of the evaporation is only because of a line of code”
Yam was born at 3 o’clock in the morning on August 12, and crashed within 37 hours after being online.
With the collapse of YAM, the tokens of the eight pools also fell rapidly, almost recovering the previous increase. Miners who spent energy and time lost hundreds of thousands of dollars because of fees and premiums. The retail investors who took over in the secondary market are even more straight to zero.
The failure of YAM this time is that there is a serious loophole in the contract for unlimited issuance of tokens, which eventually caused the market to collapse. On August 13, a loophole in the YAM contract was discovered, which would cause more YAM than expected. Although the team proposed a solution, it still couldn’t be repaired. Until the end, the founder announced that the repair failed, and 99% of the evaporation was due to a single line of code.
In fact, many people did not realize that this collapse could have been avoided. As early as the beginning of the launch, the YAM official team posted a blog to warn investors that the project has not yet conducted any audit of its contract, and investment is risky. The plunge of YAM instantly caused a chain reaction. Many currencies in the fierce DeFi market have plunged. The collapse of YAM tells us that in addition to skyrocketing, we must also see the risks of DeFi.
5. Lendf.me was stolen, the hacker returned the bulk of the funds
On April 19, 2020, Lendf.Me, the currency market in the dForce ecosystem, suffered a hacker attack, resulting in assets with a market value of approximately US$25 million being withdrawn from the contract.
Attack incident review:
At 8:58 on April 19th, hackers began to attack the Lendf.Me contract.
As of 11:32, the hacker completed the attack and stole 25 million US dollars worth of encrypted digital assets.
At 12:57 pm that day, Lendf.Me and USDx contracts were closed one after another.
The attacker used the known ERC-777 vulnerability to steal $25 million in user funds through the stablecoin imBTC. Users suffered heavy losses.
After the funds were stolen, Force took a series of measures. They found the hacker’s abnormal transfer behavior through the internal monitoring system. The Lendf.Me and USDx contracts were immediately suspended, and the website was temporarily closed to investigate hacking activities. At the same time, the dForce team advised all users to stop depositing assets to the Lendf.Me protocol on the web. Together with the police, they looked for clues about hackers and finally followed the vine and recovered most of their assets on April 21. The asset return plan was announced on the evening of the 26th.
6. bZx lightning loan attack, hackers set millions of dollars in ten seconds
From February 15, 2020, within a week, the DeFi loan agreement bZx encountered two attacks. The attacker had nothing to do with the white wolf, and arbitrage more than one million dollars in ten seconds.
bZx’s iETH pool suffered a heavy blow. In order to reduce losses, bZx used the management key to lock the attacker’s 51.34 WBTC. Moreover, after the first attack, bZx shut down the Fulcrum trading platform for maintenance. After the second attack, bZx temporarily closed the exploited contract. To avoid risk. Then bZx announced that it would adopt Chainlink’s price feed solution.
In both attacks, the attackers borrowed 10,000 ETH as initial funds through “lightning loans” at zero cost, and then used multiple DeFi protocols to call each other to achieve very unreasonable transactions.
7. Ripple was sued by the US SEC, and XRP plummeted
On December 22, 2020, the SEC announced a lawsuit against Ripple and its two executives, claiming that the XRP digital assets were securities and were not registered with the SEC, violating the Investor Protection Law. At the same time, the SEC believes that Brad Garlinghouse and Chris Larsen raised US$1.3 billion through the sale of XRP, and used the way to manipulate the currency to make a profit of more than US$600 million. Then Ripple’s CEO responded that the SEC was completely wrong in fact and law and that XRP is a currency, not a security. Ripple will defend against a lawsuit filed by the US Securities and Exchange Commission (SEC).
Due to the SEC’s lawsuit against Ripple, XRP investors lost an average of $6,000 in the recent market decline. The news that the U.S. Securities and Exchange Commission (SEC) sued Ripple caused a market sell-off, which not only affected XRP, but also the entire altcoin market.
On December 26, Bitstamp tweeted, announcing the suspension of XRP trading and deposit services for all US users. Since then, Coinbase and OKCoin have also announced the complete suspension of XRP trading services.
At the same time, it was reported on December 30 that the Southern District Court of New York has set the court date of the case as February 22, 2021 for the lawsuit initiated by the US Securities and Exchange Commission against Ripple.
8. FCoin ran away with money, the star exchange collapsed
Zhang Jian lost contact with FCoin, and tens of millions of investors lost their money.
From the sudden emergence to the final collapse, FCoin became the biggest scandal in 2020.
On February 17, 2020, FCoin ushered in the end of the story. Zhang Jian released the article “FCoin Truth”, detailing FCoin’s fatal mistakes in the past two years, saying that “data errors + decision errors” are simultaneously advancing and affecting each other, and fund reserves cannot Redemption of user withdrawals eventually led to FCoin’s end.
After the FCoin thunderstorm, the incident fermented. FTFCoin tried many methods such as self-help, calling out orders, and forming alliances with peers, but it did not help. This means that the era of trading and mining created by Zhang Jian has officially ended.
