On April 23, 2024, Magpie Protocol was alerted of a vulnerability in its MagpieRouterV2 smart contract that allowed a hacker to make away with $129k from 221 wallets. In response, Magpie quickly paused and shut down the dApp to prevent further loss of funds as they worked on a patch.
The Magpie team eventually fixed the bug and implemented changes to prevent any further exploitation of the protocol. All affected users were also fully reimbursed with the asset they originally lost on the chain they lost it on in the two weeks following the incident.
2024 Crypto Hacks in Hindsight
Magpie Protocol hasn’t been the only crypto platform to suffer an exploit in 2024. Since the start of the year, there have been over a dozen high-stake hacks in DeFi, the most recent one involving the AI network Gnus.AI.
On May 5, Gnus.A1 lost around $1.27 million to a token-minting exploit. A few months before that in March, Prism Finance had lost $10 million while Mozaic Finance lost $2.5 million in separate incidents.
Other hacks include PlayDapp ($290 million), Abracadabra Finance ($6.5 million), Concentric.fi ($1.8 million), Socket.Tech ($3.3 million), Gamma Strategies ($3.4 million), CoinsPaid ($7.5 million), Radiant Capital ($4.5 million) and Orbit Chain ($80 million).
Magpie’s quick action was able to cut the exploit short and prevent further damage, ensuring any further damage was a fraction of the size.
A Brief Introduction to the Magpie Protocol
Magpie Protocol is a decentralized, liquidity aggregation protocol for cross-chain swaps. It is designed to solve two major issues in DeFi: bridging and liquidity aggregation.
Focusing on user experience (UX), speed, security, and gas fees, the platform is engineered to provide the best deal on any asset across the top blockchains without the user needing to bridge the asset themselves, providing a fast and gas-efficient solution to cross-chain swaps.
Magpie’s prioritization of UX has unlocked a new level of convenience in cross-chain swapping across the top blockchains. The protocol replaces the costly, multi-step, and multi-platform operation of traditional swapping with an all-in-one transaction that incurs the gas fees of a normal swap.
Once a user connects their wallet to the platform, they are presented with a single interface, which only requires them to select the tokens to swap, select the corresponding blockchains, and permit Magpie to spend their tokens. The protocol then finds the best price and route before sending the swap signal cross-chain.
Unlike most bridging protocols, which are limited to native gas tokens, stablecoins, and the protocol’s tokens, Magpie allows users to swap non-gas tokens. This gives traders a wide variety of assets that they can trade cross-chain.
How was the Protocol Hacked?
Magpie Protocol’s router, MagpieRouterV2, is designed to not require continuous contract updates for every protocol and to optimize user gas usage. It allows the team to construct complex calls that help the protocol work gas cost efficiently with almost any protocol.
The hacker targeted this router’s function selector, exploiting a vulnerability that allowed them to bypass the router’s security check and divert funds to their address. They managed to steal $129k from 221 wallets.
Fortunately, this exploit was discovered quickly and the protocol paused to prevent further losses while the team fixed the vulnerability. Magpie Protocol is now safe and secure to use. All users who lost assets in the attack have also been fully refunded within two weeks.
Building a Safer Platform
Magpie Protocol takes this event very seriously. While the vulnerability has been fixed, the protocol is taking additional steps to improve and guarantee the security of user assets in the future.
Currently, the protocol is working with Quill audits to ensure all its code is secure. It is also integrating Cube3ai monitoring, which uses machine learning bots to identify on-chain threats in real time and provides scores for transactions, wallets, and smart contracts. This system will alert the Magpie team of any suspicious activity, giving them time to respond before any significant damage is done.
On top of these, Magpie Protocol is planning to introduce intent-based swaps. These allow users to initiate transactions by stating their desired outcomes, such as asset swapping or providing liquidity, which Solvers retrieve and use to strategize and execute optimal solutions on the target chain.
Magpie Intents will diversify liquidity access, lead to better pricing, and mitigate pricing while allowing for more seamless cross-chain swaps.
Why Use Magpie?
Magpie is committed to building a robust platform that ensures the safety of user assets. Today, the protocol provides a fast and gas-efficient solution to cross-chain swaps that is cheaper than the competition over 90% of the time. This means Magpie users can quickly and securely obtain the best deal on any asset across the top blockchains without needing a crypto bridge, placing the protocol among the top opportunities currently available in DeFi.
Comments
0 comments
Article is closed for comments.