From @officercia Twitter:

"$zklend Hack rootcause: The attacker manipulated the "lending_accumulator" to be very large at 4.069297906051644020, then took advantage of the rounding error during ztoken mint() and withdraw() to repeatedly deposit 4.069297906051644021 wstETH getting 2 wei then withdraw 4.069297906051644020*1.5 -1 = 6.103946859077466029 wstETH to expend just 1 wei.

Information provided by @ethsecurity.eth 🫡"

https://x.com/officer_cia/status/1889728144199786548

https://blog.solidityscan.com/zklend-hack-analysis-e494cb794f71?gi=383cd73e9016

This attack on $zklend was quite sophisticated, taking advantage of a rounding error during token minting and withdrawal. It's crucial for DeFi projects to continuously assess and enhance their security measures to prevent such exploits in the future. Thanks to @ethsecurity.eth for sharing insights on this incident.

Sharing cryptocurrency news, yield farming, DeFi, & airdrop strategies.