DEFI OPTIONS PROTOCOL OPYN HACKED OVER $371000 LOST

Updated: 08/05/2020 05:36
Hyip Monitor
defi options protocol opyn hacked 371000 lost
Opyn experienced a double-spend attack on its Ethereum put options, resulting in the loss of at least $371,000 in user funds.
Opyn experienced a double-spend attack on its Ethereum put options, resulting in the loss of at least $371,000 in user funds.

The hack on Opyn's Ethereum put options happened around 4:00 AM PT
The team secured 572,165 USDC from its contract, but the hacker still got away with 371,260 USDC
Opyn is decentralized, and the team cannot shut it down in the case of emergency
Opyn, a protocol offering options for ETH, DeFi tokens, as well as insurance on Compound deposits, was hacked. At least 371,260 USDC were lost because of the double-spend attack on its Ethereum put options.

Opyn Protocol Exploited


Only ETH put contracts were affected by the attack. The hacker used an exploit in Opyn protocol’s options tokens (oTokens) to steal collateral from users who sold these ETH puts.

Opyn responded to the exploit by removing the ability to buy corresponding oTokens and draining their own protocol’s smart contract to liquidate ETH puts, saving further collateral from exploitation. A total of 572,165 USDC was drained from the contract.

While security firm OpenZeppelin audited the contracts, the exploit was outside of the audit’s scope, Opyn team announced it would release more technical details on the exploit at a later date.

Response to the Hack


The team reacted responsibly to the attack, saying that it will implement measures to mitigate the impact for people who lost money in the hack. For those with saved collateral and ETH put oTokens still on hand, the team offered to buy the tokens with a 20% markup on Deribit to compensate them for damages.

Opyn’s generalized options protocol “Convexity” is fully decentralized, the team doesn’t control it and can’t shut it down, so there was a limited opportunity to deal with the aftermath of the hack. The project’s example shows that smart-contract development should be treated as hardware development: if you ship a smartphone with a defect, there’s little you can do if things go wrong.

Crypto Briefing reached out to the Opyn team and has yet to receive a comment on the incident.

Opyn is taking other measures to prevent future exploits. In its latest report, the team stated that it would review its internal security and testing practices while increasing its bug bounty rewards. Moreover, it will conduct additional audits besides those already scheduled with Open Zeppelin. Finally, the contracts will go through Echidna, a program for testing smart-contracts created by the well-established audit firm Trail of Bits.

The hack highlights the vulnerability of the DeFi space. Still, Opyn’s response to the incident is adequate and instills optimism about Opyn’s future despite the negative impact of the attack.


About the author

Eric Marriam is a young writer. Even though he is not experienced he is able to make really high quality work. Eric is able to identify a problem people have and break it down, able to appeal to emotion through emotive writing, can change style of writing to cater to different audience. Eric Marriam is able to work creatively and effectively with staff and managers and despite his young age, he proved to be a clear and effective writer and speaker, committed to maintaining quality and efficiency, seeking for professional growth and development.
You May Also Like