Options market protocol Primitive has put its smart contracts to the test to prevent a possible exploit after a critical vulnerability was discovered
Primitive Finance announced in the mail that it had decided to hack its smart contract itself to fill a potential loophole. The exploit was discovered earlier this morning in Primitive Finance’s smart contracts. The decentralized financial protocol found that taking drastic measures was the best approach to addressing the vulnerability.
The options to suspend or update the contract on the platform were excluded, as neither was possible. With no other alternatives, Primitive Finance hacked its smart contracts to secure funds on the platform.
“A critical security flaw has been discovered in Primitive Finance smart contracts. Since the contract is not updateable or pausable, we decided to protect our own smart contracts to protect user funds. ” The blog post has started.
Primitive Finance affirmed that the white hacked funds are safe and will be returned to their respective owners. The article also explained in detail that an autopsy of the problem and measures to protect user funds will follow. Primitive Finance users now have to wait for their money to be returned.
At the time of writing, the majority of the funds had already been secured through the self-hack campaign. However, users are expected to take more action as some may still be exposed to the exploit.
A follow-up tweet from the log for permissionless options reads: “Even though we recycled 98% of the funds, TOKENS IN WALLET that approved the vulnerable contract are STILL AT RISK. Https://app.primitive.finance/reset is protecting the funds by setting each of your token permissions to 0 post-mortem and the next steps to reclaim funds are imminent. “
According to the blog post, the exploit comes with infinite approvals granted on a smart contract that is classified as vulnerable. By manually resetting permissions to zero, users have backed up all assets. Primitive warned that users who had already approved their token to be issued on the contract were at risk because their tokens were compromised. Until now, no hacker had exploited the vulnerability or used the vulnerability to steal money.
Elsewhere, the Total Locked-in Score (TVL) in DeFi has been on a recovery path after a slight drop over the weekend. The goal is to hit the record high of $ 41.85 billion on Friday last week. Over the past nine hours, TVL in DeFi logs has increased 1.65% from $ 40.23 billion to $ 40.895 billion at the time of writing.