DeFi Herald: Chainlink team announced staking, and hackers hacked Horizon for $100 million

The decentralized finance (DeFi) sector continues to attract increased attention from cryptocurrency investors. ForkLog collected the most important events and news of recent weeks in a digest.

Main indicators of the DeFi segment

Against the background of the crisis in the cryptocurrency industry, the amount of blocked funds (TVL) in DeFi protocols fell to $78.89 billion. The leader of the sector in this indicator is the Aave landing protocol ($10, 48 billion). MakerDAO ($7.93 billion) and Curve ($5.51 billion), respectively, occupy the second and third lines of the ranking.

Data: DeFi Llama.

TVL in Ethereum applications fell to $46.03 billion. Over the past month, the figure denominated in US dollars has decreased by almost 40% (on May 25 – $75.49 billion). In ETH, the value decreased by only 0.5%, to 37.44 million coins.

Data: DeFi Llama.

Decentralized exchange (DEX) trading volume over the past 30 days was $76.5 billion, according to Duna Analytics.

Uniswap continues to dominate the non-custodial exchange market, accounting for 56.9% of total turnover . The second DEX in terms of trading volume is Curve (20.3%), the third is Synthetix (8.7%).

A hacker stole about $100 million in an attack on the Horizon cross-chain bridge of the Harmony protocol

The Harmony blockchain platform team reported an attack on the Horizon cross-chain bridge, as a result of which the attacker stole assets worth about $100 million

According to Certik, the attacker managed to gain control over the multisig wallet. An unknown person withdrew the tokens in several transactions, then sent them to another wallet and exchanged them on the Uniswap decentralized exchange.

The developers have suspended Horizon. They also said they launched an investigation with law enforcement, including the FBI, and notified cryptocurrency exchanges about the situation.

The team assured that the incident did not affect the trustless bridge for bitcoin – all funds are safe in decentralized vaults.

The Chainlink team announced the launch of staking

The developers of the Chainlink decentralized oracle network announced the introduction of the LINK token staking mechanism in the second half of 2022. The team noted that the move will improve the security of the ecosystem as it scales.

According to the statement, the staking mechanism will achieve “four long-term goals”: 

• improve network security and provide guarantees to users;
• ensure the involvement of community members in the work of Chainlink;
• generate and distribute rewards for stakers; 
• create a reputation structure for selecting nodes in decentralized oracle networks.

According to the developers, the first step is to create a “reliable and simple foundation that will allow you to collect feedback.” Over time, the scope of staking will expand, and its structure will become more complicated.

Osmosis blockchain suspended due to a critical vulnerability

On June 8, the Osmosis blockchain platform of the Cosmos ecosystem suspended block production due to a vulnerability that could lead to the depletion of the liquidity pools of the Osmosis DEX application.

Reddit users were the first to notice the exploit. One of them noted that the vulnerability allows you to add liquidity to the pool and get 50% more deposit when it is removed.

The developers explained that the exploit became possible due to a bug present in the Osmosis v9 update, which they activated May 7.

The error consisted in the incorrect calculation of the shares of liquidity providers when depositing and withdrawing assets from pools. It was skipped during the internal testing phase of the update.

It took the project team several days to restore the platform. Osmosis only resumed block production on June 12.

An attacker attacked the DNS servers of DeFi projects among Namecheap clients

Since June 23, a number of DeFi projects, including Convex Finance, Allbridge, Ribbon Finance, and DeFi Saver have experienced attacks on their DNS servers. All of them used the services of the Namecheap domain name registrar.

The attack vector was similar in all cases: an unknown person seized control of the project’s DNS server and offered its users to approve malicious smart contracts. 

Allbridge co-founder Andrei Veliky told ForkLog that about 23 cryptocurrency projects faced a DNS attack . He added that the affected group is considering filing a lawsuit with the provider. 

Namecheap remained silent for almost a day, but on the evening of June 24, the head of the company, Richard Kirkendall, wrote on Twitter that the provider had identified a “compromised agent” and removed access.

Venture funding in the DeFi sector in May fell to $176.3M

In May, the total volume of decentralized finance-focused venture capital deals was $176.3M, the lowest since September 2021.

Cumulative With the influx of venture investments in the blockchain industry, the share of the DeFi sector fell to 9% from 18% in April.

Data: The Block Research.

According to analyst John Dantoni, for the first time since July 2020, DeFi funding was not among the two most popular types of transactions in the industry.

Read ForkLog bitcoin news on our Telegram – cryptocurrency news, rates and analytics.