Decentralized lending protocol zkLend officially announced it is ceasing operations and using the remainder of its treasury to create a user recovery fund following a serious $9.5 million mining incident in February along with token liquidity loss.
The announcement was posted on zkLend's official X channel, marking the end of the short-lived journey of the Starknet-based DeFi protocol.
Liquidity exhausted and decided to cease operations
The exploit and subsequent volatility have eroded confidence in zkLend’s ZEND token. Major exchanges such as Bybit and KuCoin have delisted ZEND in recent weeks, causing trading volumes to plummet and exiting positions to become nearly impossible due to the steep price drop.
With token liquidity almost completely gone, the zkLend development team determined that there was no viable path to restarting money markets.
In the announcement on X, the zkLend core team said:
“Under the current circumstances, we believe that using the remaining $200,000 in treasury to support affected users through the recovery fund is a more responsible and meaningful work than continuing to develop and restart the currency market.”
The protocol also announced that users can withdraw staked funds or submit refund requests through the DeFi Spring and kSTRK portals.
Notably, zkLend is still partnering with zeroShadow – a blockchain forensics firm that is tracking and tracing stolen assets, with the assessment that any recovered funds will be transferred back to the recovery fund.
In addition, zkLend is committed to releasing an audited, restored, and open source code in the coming weeks so that the community can develop or fork the project.
zkLend Hasn't Recovered From February Hack
Launching officially on the Starknet mainnet in late 2023, zkLend aims to provide non-custodial lending and borrowing services through yield-optimized “money markets,” based on zero-knowledge proofs to increase throughput and reduce gas fees.
However, on February 11, a hacker exploited a vulnerability in zkLend's loan accumulator through flash loans and rounding errors, stealing around $9.5 million at the time.
Post-incident analysis of zkLend shows that the attacker exploited the weakness to inflate the protocol state, rapidly draining deposits.
In the following days, zkLend offered the hacker a 10% bounty to recover the remaining funds, but the hacker disappeared until a surprising development.
On March 31, the hacker posted a message on the chain with a value of 0, stating that he had lost 2,930 ETH by mistakenly accessing a fake Tornado Cash scam website. The Etherscan document notes the explanation:
“Hello, I tried to transfer money to Tornado Cash but used a phishing site and lost all my money. I am disappointed and sorry for the damage caused.”
Many crypto investigators are skeptical of this story. On-chain analysis shows that the transaction went through a vanity address on Ethereum and not directly to the fake Tornado Cash site. The fact that the hacker did not disclose the name of the phishing site adds to the suspicion.
The DeFi community reacted with a mix of empathy, frustration, and caution.
In the near future, victims will be monitoring the progress of zeroShadow's investigation, while an audited version of the contract law is about to be released as open source, which could facilitate forks or startups that learn from zkLend.
Source: https://tintucbitcoin.com/zklend-sap-sau-hack-95-trieu-usd/
Thank you for reading this article!
Please Like, Comment and Follow TinTucBitcoin to stay updated with the latest news about the cryptocurrency market and not miss any important information!
