The total value locked in decentralized finance (DeFi) protocols remained below $50 billion this past week following another period dominated by exploits and hacks.
Three DeFi platforms – Alphapo, Era Lend, and Conic Finance – were compromised for nearly $39 million combined. Alphapo suffered the biggest exploit with over $32 million stolen from its hot wallets.
Despite the bearish conditions and attacks, there were positive developments in zero-knowledge-proof (ZK-proof) scaling solutions as layer-2 DeFi heats up.
However, the hacks and ongoing market downturn took a toll on DeFi as total locked value significantly dropped over the week. The relentless exploits continue hampering growth even as technological progress emerges in areas like ZK rollups.
The past week encapsulates the high risks but also potential rewards seen in maturing sectors of the crypto space like DeFi.
Alphapo
Cryptocurrency payment processor Alphapo suffered a hack resulting in over $31 million drained from its hot wallets holding Ether, Tron, and Bitcoin, per reports on July 22nd. The total loss may be even higher given the uncertain amount of stolen Bitcoin.
According to on-chain investigator ZachXBT, the funds were stolen on Ethereum, swapped for ETH, then bridged to Avalanche and Bitcoin. DeDotFi’s security staff suspect a leaked private key enabled the exploit.
Investigations into the root cause remain ongoing. But the breach of Alphapo’s hot wallets allowed hackers to pilfer millions in crypto across three assets, showcasing the risks of keeping substantial funds in internet-connected hot storage vulnerable to attacks.
Era Lend
The zkSync lending platform Era Lend suffered an exploit resulting in $3.4 million stolen through a read-only reentrancy attack, according to a July 25th report by blockchain security firm CertiK.
This type of attack interrupts a multi-step process before resuming it after a malicious action, without updating the contract state. The hacker drained funds in two transactions using an externally owned account.
The attacker exploited a vulnerability in the callback and reserve update function to trick the contract into reporting old, pre-update values. This allowed the hacker to repeatedly withdraw available balances that were not updated in real time.
The Era Lend breach demonstrates how complex DeFi smart contract code can contain subtle reentrancy flaws allowing millions to be pilfered by sophisticated hackers. Robust auditing and formal verification are essential to securing Layer 2 protocols and apps.
Zero-Knowledge
Despite the ongoing crypto bear market, development in the zero-knowledge-proof (ZK-proof) space continues heating up. ZK-proofs allow proving something is true without exposing private details.
At July’s zkDay event during the Ethereum Community Conference, over 2000 attendees crammed in to see the latest ZK projects. ZK protocol developer p0x Labs even announced a $25 million raise there.
Currently, ZK tech plays a key role in powering layer-2 scaling like rollups by enabling fast, private transactions with succinct proofs. ZK-proofs also allow confidentiality for sensitive information.
The zkDay turnout and funding highlight the momentum behind zero-knowledge development even amidst price declines. The technology remains a priority for building solutions like optimized rollups to push forward wider blockchain adoption.
For the first time in six months, Optimism has surpassed fellow Ethereum layer 2 Arbitrum in daily transaction volume per July 27th data from Artemis. Both platforms employ optimistic rollups to batch transactions before settling on Ethereum, reducing fees.
Optimism’s volume dipped behind Arbitrum in January after its incentive “quests” ended but reclaimed the lead on July 25th with Worldcoin’s launch.
Fluctuating usage highlights competition between the two roll-up rivals vying to capture DeFi activity and adoption. Optimism regaining its top ranking demonstrates use cases like incentivized campaigns and major project integrations can quickly shift liquidity between solutions as they aim to cement dominance.
