Synapse Protocol, known for its native token, the SYN token, is an automated market maker or simply AMM known for its trustless cross-chain bridge. Recently, according to the tweet by well-known Chinese crypto journalist Colin Wu, the “Synapse Protocol was exploited and lost approximately US$8 million.”
Synapse Protocol was exploited and lost approximately US$8 million. https://t.co/yEYOK7MQxL
— Wu Blockchain (@WuBlockchain)
Synapse was introduced in the crypto space as the platform that would eradicate the need for a centralized exchange in the DeFi industry, allowing the users to become their own banks. However, it seems that the recent hack proves otherwise.
According to the Twitter account by the username “ricosoon”, the Chinese journalist made a mistake in reporting the exploit. It seems that the Synapse $8 million were not lost as the bridge is on hold. The bridges are the center of the Protocol and are responsible for the swapping of tokens.
More info: looks like attacker managed to manipulate price of nUSD and made around 8M USD profit from it.. although his funds are still stuck on bridge (as bridge is paused) but not sure if they can stop his withdraw once unpaused
— Mempooler (@ricosoon)
Synapse bridges intact
According to “Ricosoon,” the problem wasn’t with the bridge or the bridge contracts but with the implementation of the AMM contracts “that a few different stableswaps used, forked from the Saddle.”
According to the statement by the developers on their Discord channel, the hacker tried to move the funds by converting them into USDC while the validators were not online. Upon this issue being noticed, the AMM contracts were all put to rest so that the vulnerability didn’t spread.
Furthermore, the Protocol notified Saddle, who also closed their bridges. As a result, “the validators, by consensus are now electing not to process this transaction as it was malicious against LPs and the network as a whole:~$8 million nUSD will therefore not be minted to the attackers’ address on the destination chain.”
It seems that the Synapse developers are now in control of the situation as they are working to re-deploy the pools ‘to an older, less-complex version’ of the bridge contracts, re-enabling liquidity, buying time to solve the issue, and restart the original bridges.
Such an increasing number of exploits in the blockchain industry is currently being reviewed by many protocols. The Polygon network was recently exploited by an arbitrary bot, turning 14 ETH into 218.5 ETH. Similar hacks also happened on the ThorChain network.
This content was originally published here.