The Decentralized Finance (DeFi) market has grown to be a significant part of the crypto industry. Over the years the total value locked in DeFi contracts on Ethereum has surpassed $1 billion. DeFi plays an important role in banking the unbanked and making the money market more efficient.

However, 2020 has been rough for this sector as the DeFi space continues to be plagued with hackers trying to exploit the bugs and loopholes that leave these platforms vulnerable to attacks. The latest to have undergone an attack is Factom-based stablecoin network PegNet.

According to a post by PegNet core developer ‘WhoSoup’, the network underwent a 51% attack that allowed the perpetrator to mint $6.7 million worth of the dollar-pegged stablecoin pUSD. What’s more concerning is the fact that it took just 4 miners to collectively control 70% of the network’s hashrate on April 22.

The miners were unsuccessful in their attempts to liquidate the fraudulently created funds and later claimed that the event was a penetration test, but the report form WhoSoup states otherwise.

How did this happen?

With support for tokens pegged to 42 different assets, the PegNet network receives price data from its miners via oracles and APIs that enable it to maintain price stability. Every block is required to have a total of 50 data submissions and the network removes 25 entries that are the furthest from the average price.

At 05:00 UTC on April 22, the group of miners’ submitted data to artificially inflate the price of the Japanese yen pegged stablecoin pJPY by submitting 35 of the 50 data entries at high prices. Since they accounted for 70% of the network’s hashrate, it allowed them to exchange a wallet containing 1265.79 pJPY (about $11) for 6.7 million pUSD.

However, the group failed to liquidate the funds and majority of the stablecoins that were created have since then been sent to a burn address with no known private key, containing over 9,000 transactions.

The group has claimed that they were doing a penetration test on the network since they have been mining PegNet for a while according to the report. But it is fishy that 6.7 million pUSD was converted to various other assets and distributed among multiple addresses.

Following the event, one member of the project team tweeted:

Another milestone in the history of PegNet, being able to repel its first 51% attack. A miner generated a bunch of pAssets. But thanks to the PegNet's safety mechanisms that prevent fast pAsset to PEG conversions they couldn't dump the assets & instead decided to burn them. pic.twitter.com/TwGeMrdkvP — David A. Johnston (@DJohnstonEC) April 21, 2020

Conclusion

This year has seen multiple attacks on several DeFi platforms with some resulting in huge losses. As previously reported by The Daily Chain, a hack of dForce, a Multicoin Capital-backed Chinese language decentralized finance (DeFi) protocol, saw $25 million stolen, nearly cleaning out the accounts of the platform. The funds were later returned by the hackers.

Prior to this, major popular decentralized lending protocol bZx lost more than $900,000 to two consecutive hacks.

This goes to show that the DeFi sector is relatively immature and continues to be vulnerable. But the fact that these issues exist doesn’t necessarily mean that DeFi won’t be successful. Many of these risks exist in the broader crypto and traditional financial markets.

Despite everything, DeFi has had a massive impact on the crypto market as a whole. From decentralized credit and lending systems, predictions markets, and asset management, DeFi’s applications have caused quite a stir in the mainstream space for their capacity for enabling multiple efficiencies.