Yearn Finance Sounds Alarm as Contract Bug Wreaks Havoc on Multiple Pools

Yearn Finance Investigates Outdated Contract Issue with iEarn Protocol

Yearn Finance, a decentralized finance (DeFi) platform, has announced that it is investigating an issue with an outdated contract called iEarn. This contract predated more recent versions such as Vaults v1 and v2. According to the notification on Thursday, the issue is exclusive to iEarn and does not affect current Yearn contracts or protocols. Yearn Finance said Vaults v1, which had upgradeable strategies, was obsoleted in 2021, but there was no indication that it has been affected, as well as the current version, Yearn v2 Vaults.

However, Yearn Finance later realized that the recent exploit was caused by a bug in the legacy iEarn USDT (yUSDT) token contract. According to the official update, the bug persisted in several versions and led to multiple Curve pools, including BUSD and PAX, to be exploited and drained. Liquidity providers who deposited their LP tokens into downstream protocols, such as users of the Yearn v2 and legacy v1, were impacted. While Yearn Finance’s team investigates the issue, DeFi users are urged to remain cautious and vigilant, particularly when dealing with older contracts.

Last week, the blockchain security firm PeckShield revealed that a bug in the approval system of SushiSwap’s RouterProcessor2 contract has led to the loss of more than 1,800 Ethereum tokens worth over $3.3 million. Notably, the hack affected several chains, including Ethereum and Binance Smart Chain. PeckShield listed the affected addresses and advised users to revoke contract approvals. A Smart Contract audit firm was able to block an attack transaction, rescuing 100 Ether, equivalent to nearly $200,000.

The recent exploits in DeFi platforms highlight the importance of security audits and the need for caution when dealing with older contracts. Yearn Finance has urged users to remain cautious and vigilant, particularly when dealing with legacy contracts. The DeFi space has seen a surge in popularity in recent years, with investors drawn to the high yields and decentralized nature of the platforms. However, the risks associated with these platforms cannot be ignored.

As the DeFi space continues to grow, it is important for platforms to prioritize security and for users to remain vigilant. The recent exploits serve as a reminder of the need for caution and the importance of security audits. While the DeFi space offers many opportunities for investors, it is important to approach these platforms with caution and to do your due diligence before investing.

Martin Reid

Martin Reid

Leave a Replay

Scroll to Top