GMX Releases $40 Million Attack Summary Report: Will Discuss Compensation Measures, V2 Unaffected

Odaily Planet Daily News: GMX announced on platform X a summary report on the reasons and follow-up measures regarding the approximately $40 million attack on GMX V1 on the Arbitrum chain on July 9. The report indicated that, after analysis by the security team, the attack originated from a reentrancy vulnerability in the OrderBook contract. The hacker exploited this vulnerability to manipulate the average short price of BTC, significantly raising the price of GLP and profiting from arbitrage. The official has suspended related transactions on the Avalanche chain, confirming that the V2 version is unaffected, and will take measures such as disabling GLP minting and redemption, and establishing a compensation pool. GMX reminds V1 fork projects to promptly fix similar risks. Next step funding situation: Approximately $3.6 million remains in the GLP pool, reserved for open positions. This week, costs for V1 GLP on Arbitrum are about $500,000 (after deducting 30% allocated to GMX stakers), which will be transferred to the DAO treasury for compensation. GLP minting and redemption on Arbitrum will be disabled (redemption disabling will require a 24-hour timelock). GLP minting on Avalanche will be disabled, but redemption functionality will be retained. Closing positions for V1 on Arbitrum and Avalanche will be enabled, while opening positions will be disabled to prevent the reoccurrence of the vulnerability. Orders for V1 on Arbitrum and Avalanche will be canceled. Remaining funds for GLP on Arbitrum will be allocated to the compensation pool for affected GLP holders. GMX DAO will discuss further compensation measures. It is advised that all GMX V1 forks take immediate action and only resume trading and minting of similar tokens after fixing and auditing.