On Friday, May 13th, the founder of Lens Protocol and Aave Finance revealed that two DeFi protocols are suffering from the LUNA incidence. According to Stani Kulechov, Blizz Finance and Venus protocol got “rekt” from listing LUNA.
Both lending platforms utilize the Chainlink oracle for price confirmation. As the Luna token experienced volatility on Friday, Chainlink’s price oracle was paused. LUNA was at $0.107 when the price feed was paused. Within a short time, LUNA had fallen to $0.01.
Two accounts reportedly took advantage of this price difference. Both accounts deposited 230 million LUNA to the Venus protocol and used the tokens as collateral to obtain loans worth $13.5 million. Although Venus DeFi pools only give loans out with collateral of 200%, the pool still lost significantly due to the massive price difference.
Venus later announced to its community members that lending would be paused to prevent further damage to the protocol’s liquidity pools.
Following the lending exploitation, members of the Venus community questioned using a fallback oracle since the primary oracle was paused. A response was gotten, and it was revealed that the fallback oracle has never been used and did not run on code. The fallback oracle only permitted manual input of prices.
After Venus and Blizz, Aave Might Suffer Exploitation Soon
Blizz finance also suffered a similar attack, as the protocol is also integrated with the Chainlink oracle. Although the Aave protocol is integrated with Chainlink’s price oracle, there was no exploit on the DeFi platform.
Despite the absence of exploitation in the Aave protocol, members of Aave’s community are still tense. Aave seems to be relying solely on Chainlink oracles and lacks a backup in case of downtimes.
Amidst the panic, Stani shared a document on Aave’s risk framework to his followers on Twitter, reminding them that risk management is community know-how.
