dYdX Discloses Details of $9 Million Attack in November: Attacker Identified

dYdX, a decentralized exchange, has released a post-mortem report on a targeted attack on its v3 platform in November. The attack led to a $9 million loss in the platform's insurance fund, equivalent to roughly 40% of its total holdings.

Identified Attacker and Legal Action

• dYdX stated they have identified the attacker's identity and are in contact with them.
• The platform is considering legal options against the perpetrator for the targeted attack.

Attack Details and Strategy

• The attacker leveraged 5x positions in YFI-USD across more than 100 wallets, significantly impacting the native token of DeFi protocol Yearn Finance.
• By purchasing spot YFI tokens using different addresses, the attacker drove the price up by 215%, amassing positions worth approximately $50 million.

Platform's Response and Fund Impact

• dYdX increased the YFI-USD market's initial margin requirement and adjusted position sizes to restrict the attacker's activities.
• Subsequently, YFI's price plunged nearly 30% in an hour, leading to the attacker's failure to close their positions. The losses were compensated from the insurance fund.

Previous Attacks and Preventive Measures

• The attacker had targeted SUSHI-USD using a similar strategy a week before, earning around $5 million in profits. However, dYdX's raised initial margin requirement prevented further impact on the insurance fund.
• Customer funds were unaffected, and dYdX claims the attacker did not profit from manipulating the YFI market.

Enhanced Security Measures and Future Plans

• dYdX has updated its v3 trading platform for better open-interest monitoring and alerting to prevent similar orchestrated attacks.
• Additionally, the upgraded v4 chain includes automatic adjustments in the initial margin fraction to mitigate risks from abnormal price movements.

Future Developments and Contact

• dYdX highlighted that the v4 chain upgrade aims to prevent incidents akin to this attack and includes new software features for risk management.
• The company has not yet responded to further inquiries regarding the incident.