Private Key Management Issue Linked to MerlinDEX Hack, Says CertiK
CertiK attributed the over $1.82 million loss incurred by the zkSync-based decentralized exchange, MerlinDEX, to a private key management issue rather than to exploitation by bad actors. CertiK conducted an audit of MerlinDEX smart contracts prior to the incident.
MerlinDEX, a zkSync-based platform is the latest decentralized finance protocol to lose money in its liquidity pool. The decentralized exchange (DEX) lost more than $1.82 million during the early hours of April 26.
So far, there have been conflicting reports regarding the exact cause of the asset loss, with blockchain security firm CertiK recently auditing the project’s code, claiming that its initial investigation revealed the attack was due to a private key management issue rather than an exploit.
However, eZKalibur, another zkSync-based decentralized exchange project, claims to have researched MerlinDEX smart contracts and identified the vulnerability that enabled the theft.
While the DeFi ecosystem saw an increase in TVL (Total Value Locked) during the first quarter of the year, hacks and rugs continue to plague the industry without a permanent solution.
According to CertiK, bad actors drained more than $320 million from the crypto space during the first quarter of this year alone. Under the current situation, this amount may exceed the more than $3 billion stolen last year by the end of 2023.
You must log in to post a comment.