Lending protocol Sonne Finance faces $20 million exploit, pauses markets on Optimism
The decentralized lending protocol said in a post-mortem report that it suffered an exploit that resulted in losses of $20 million. The team added it’s ready to offer a bounty to the attacker in exchange for return.
The project said in a post-mortem report that it was exploited due to a vulnerability in Compound v2 forks (Sonne is one). The hacker “was able to exploit the protocol for ~$20M with the known donation attack.”
In response to the attack, Sonne Finance wrote in a post on X that it had paused all markets on Optimism, while those on Base remained operational.
Sonne Finance’s move came shortly after blockchain security firm PeckShield warned on X and advised Sonne to check their timelock contract. The team added that it became aware of the issue “25 minutes after the exploit.”
The team explained in the post-mortem that it recently passed a proposal to add VELO markets to Sonne.
“We scheduled the transactions on multisig wallet, and because there is 2 days timelock, we also scheduled c-factors to be executed in 2-days,” the team wrote. “The exploiter executed 4 of the transactions when 2-day timelock ends for the creation of markets, and after that, executed the transaction for adding c-factor to the markets.”
Sonne added that while they aren’t able to save the funds, “the investigation on the exploiter’s identity is still going on.”
The project said it is ready to offer a bounty to the exploiter in exchange for return without disclosing more details.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Solana (SOL) Nears Previous All-Time High Amid Weaker Trend Signals and Potential Support Tests