Fastest News Updates around the World

Midas Capital is experiencing shady urgent loan business


- Advertisement -

Blockchain security watchmaker Certik Alert has revealed a satirical attack on Midas Capital. The company added that the exploit (0x1863…) got 663,101 MATIC, worth $660,000 at the time of writing.

Midas Capital has temporarily suspended its borrowing activities

On January 15, Midas Capital, the venture capital organization that funds and backs blockchain projects to make them successful, announced that it will stop borrowing activities at the Jarvis Polygon pool.

Users were informed that the pause was due to an investigation of a suspicious transaction that involved a recently added token (WMATIC_STMATIC).

The WMATIC_STMATIC token was listed last week on Midas Capital’s official website with a maximum supply of 250,000. The company has discussed adding the token with its team (Jarvis Network) to add new options for pool users. Implementation of supply caps to prevent large borrowing against liquidity pool tokens has been sufficient so far.

Midas stated that they made the wrong judgment because they assumed the pool only composed Encapsulated ERC20 assets. I also thought that the previous re-entry attack would not affect them while using an “initial call” of the original code of the chain.

Midas witnessed the same event prior to the launch of BNB with Ellipsis when the company heavily backed LP tokens as collateral. Their oracle’s trust emanated from Ellipsis, which strictly took out the ability to make an ‘initial call’.

Jarvis Network had multiple errors

Ancilia, one of the three web partners, states that Jarvis’ network has multiple bugs. Re-entry and fixation of the jFIAT token price is what triggers the loan interest. The attacker took advantage of the opportunity to re-enter the original WMATIC code to borrow the bulk. The white-headed hacker later spent 270,000 WMATIC as collateral and minted the token 131JFIAT.

Then, the attacker created another contract, used one of the 10 borrowed amounts to clear the debt, and immediately returned the 103 jFIAT immediately after the price was charged and changed. There was a suspicious questionnaire with the Midas Price Oracle. However, holding the polygon implementation was the case of the problem.

After checking the price oracle, Ancilia learned the price arithmetic to get a virtual price function based on self D in storage slot 0x10. The eigenvalue of D is usually 0x041a1ba29495fff4fab5bc; However, it was ten times larger when the attack occurred.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. AcceptRead More