DeFi Protocol MonoX Loses $30M to Smart Contract Bug; Token Drops 20%

MonoX, a decentralized finance (DeFi) protocol that offers single token pools, has been drained of an estimated $30 million. An alleged hacker exploited a smart contract bug in MonoX’s Ethereum and Polygon deployments, giving them the opportunity to steal assets deposited by other users.

According to blockchain security researcher Mudit Gupta, a bug in MonoX’s contracts result in the protocol quoting incorrect prices during a token swap.

MonoX uses a single token to represent the token deposited or withdrawn from a liquidity pool. This reliance on a single token affects the process of updating asset prices, and presented an opportunity for the hacker to artificially pump the price of the MonoX token in the system.

After executing several trades that inflated the price of MonoX in the system, the hacker was able to “trade a few dollars of MonoX tokens for a few million dollars of other tokens because the system incorrectly thought that MonoX is a super expensive token,” Gupta explained.

The security exploit comes less than 24 hours after the project announced it had received a grant to launch its protocol on the Harmony network.

MonoX Drops 20% in Aftermath

As one would expect, the negative development had an impact on the price of MonoX’s native token, $MONO. Data from Coingecko reveals that the token’s value has dropped by over 20% in the wake of the exploit.

MonoX price dump

(Source: Coingecko)

The latest security incident involving MonoX adds to the unending list of DeFi exploits witnessed since the emergence of the industry. Last month, another project, Indexed Finance, lost $16 million to a similar pricing vulnerability.

This article is Originally posted on
Author: Wilfred Michael

Related Articles

Author: Wilfred Michael