According to Cointelegraph, a hacker stole $46 million from the KyberSwap protocol using a complex strategy described as an “infinite money glitch” by DeFi expert Doug Colkitt. The attacker tricked the platform’s smart contract into believing it had more liquidity available than it did. Colkitt highlighted that it’s the “most complex” smart contract he’s ever seen.
In other news, the Australian Taxation Office (ATO) released new guidance on DeFi but failed to clarify whether capital gains taxes apply to various DeFi features, such as liquid staking and sending funds to layer-2 bridges. A spokesperson from ATO stated that the tax consequences of a transaction “will depend on the steps taken on the platform or contract, and the relevant surrounding facts and circumstances of the taxpayer who owns the cryptocurrency assets.” This lack of clarity could lead to investors being unable to comply with the possible consequences of the unclear guidance.
Antonio Juliano, the founder of DeFi protocol dYdX, shared the findings of the investigation into the $9 million insurance funds within the platform. Juliano said the dYdX blockchain was not compromised and noted that the insurance claims happened on the v3 chain. The fund was being used to fill gaps within the Yearn.finance liquidation processes. The dYdX founder also expressed that instead of negotiating with the exploiters, the protocol will offer bounties to those most helpful in the investigation. “We will not pay bounties to, or negotiate with the attacker,” Juliano wrote.
