Table of Contents
Radiant Capital has officially reopened its lending and borrowing markets on Arbitrum after conducting a comprehensive security review. The decision to resume operations follows an in-depth examination and resolution of a security breach that resulted in a significant loss of $4.5 million worth of Ethereum.
The review involved OpenZeppelin, independent Ethereum researchers, and white hat hackers who provided valuable insights and recommendations. Having satisfied the enhanced security measures, the Radiant DAO Council lifted the pause on market operations.
The implementation of additional safeguards aims to mitigate the risk of similar incidents in the future, underlining the platform’s commitment to robust security protocols.
Radiant Capital Resumes Full Operations on Arbitrum Markets: Operational Overview
Radiant Capital has outlined the operational aspects following the resumption, stating, “Users are free to use all available lending and borrowing markets.” The announcement mentions that the native USDC will be gradually reintroduced in the coming days after additional reviews, given the increased complexity involved in doing so safely.
In response to the pause and to address any potential financial discrepancies, Radiant Capital revealed plans for a Snapshot proposal. The proposal will focus on the methodology to repay excess debt and fully recapitalize the Arbitrum WETH market.
The post stated, “A Snapshot proposal for the DAO regarding the methodology to repay the excess debt and fully recapitalize the Arbitrum WETH market will go up for a vote shortly.”
The post also informed users that the liquidation bonus would be initially set to 1 basis point (bps), the lowest possible, to allow for a grace period for users to improve their health scores. This measure aims to provide users with time to adjust to the resumed operations before gradually returning to normal levels over the next 24 hours.
Chaos Labs and Radiant will closely monitor debt during this grace period to ensure that the protocol does not accumulate additional bad debt, and liquidation bonuses will be returned to normal levels within 24 hours. 🧵8/10
— Radiant Capital (@RDNTCapital) January 5, 2024
Security Breach Details: Radiant Capital’s Arbitrum Markets
The blockchain security company PeckShield Inc. revealed that a hacker successfully breached the network, draining 1,900 Ethereum tokens within six seconds after the deployment of the new USDC market.
PeckShield emphasized that the root cause of the exploit is not novel, primarily exploiting a time window during the activation of a new market in a lending protocol, which is forked from the popular Compound/Aave.
The exploitation also relies on a known rounding issue in the current Compound/Aave codebase.
Radiant Capital officially confirmed the hack in their post and promptly took the precautionary measure of temporarily closing the Arbitrum markets in response to the security breach.
For any queries and suggestions contact us here.
