HomeBlockchainEuler Finance audited 10 times before the $196 million attack

Euler Finance audited 10 times before the $196 million attack


Euler Finance, an Ethereum-based lending protocol, underwent 10 audits from six different blockchain security firms between May 2021 and September 2022. The audits ranked the platform’s risk assessment, measuring the “likelihood of a security incident” and the impact it could have. have. The risk level for Euler ranged from very low and informative to critical, with none being considered “anything higher than low risk” with no “remaining issues.” Despite extensive audits, Euler suffered a $196 million quick loan attack on March 13, 2023.

Responding to the attack, Euler Labs CEO Michael Bentley described it as the “hardest days” of his life in a series of tweets on March 17. He retweeted a user sharing information that Euler had undergone ten audits, commenting that the platform “has always been a security-oriented project.” Euler had also issued a warning just 24 hours before releasing a $1 million bounty for information leading to the hacker’s arrest, stating that he would release a bounty “leading to his arrest and the return of all funds” if 90 % of funds were not returned in 24 hours.

Despite the audits, the Euler attacker began moving funds through the Tornado Cash cryptocurrency mixer on March 16, just hours after the bounty was released. In his Twitter thread, Bentley expressed frustration over the attack and the sacrifices he had to make as a result, including time with his newborn child. However, he also thanked security experts who are “working on leads” for the investigation.

While some blockchain security firms, such as Omnisica, found and addressed some “wrong paradigms” in Euler’s base exchanger implementation and how the exchange mode was “handled by the code base”, the audits concluded that Euler had “adequately dealt with” these issues, with “no outstanding issues” remaining. Halborn’s December 2022 audit summary also indicated that he had found “an overall satisfactory result.”

In conclusion, Euler Finance’s 10 audits of six different blockchain security firms in two years did not prevent a $196 million flash loan attack. Despite audits deeming the platform to be “nothing more than low risk” with no “remaining issues,” the attacker was able to move the funds through cryptocurrency mixer Tornado Cash just hours after Euler dropped a bounty of $1 million for his arrest. The investigation into the attack is ongoing.


Please enter your comment!
Please enter your name here


MakerDAO holds USDC as the primary collateral for Dai

Since there is a possibility that risks could be tied to USDC, the MakerDAO Central Risk Unit recently proposed the notion of diversifying collateral for...

Polkadot, Kusama and Cardano lead the crypto space in terms of ‘notable activity on GitHub’: Santiment

Polkadot (DOT), Kusama (KSM), and Cardano (ADA) lead the crypto space in terms of "notable" GitHub development activity, according to cryptanalysis firm Santiment. holyday grades that...

Owner of Major US Stock Exchange to Launch Crypto Custody Services by June: Report

The parent company of a major US stock exchange is reportedly looking to launch crypto custody services by June. According to a new report from BNB...

DeFi Giants Launch on Ethereum Layer 2 zkSync Era

After four years of development, Ethereum's Layer 2 scaling network, zkSync Era, has been opened to users in alpha, enabling faster and cheaper transactions. ...

Most Popular