$65 million more COMP at risk as developers wait to fix bugs on time

189
SHARES
1.5k
VIEWS

Related articles



The problems of the major money market aggregator DeFi are compounded by the fact that the $150 million worth of COMP is now at risk due to a buggy upgrade to the protocol that went live last week.

On September 30, Cointelegraph reported that a bug that resulted in between $70 million and $85 million in COMP tokens was mistakenly offered to users as rewards after an update aimed at fixing the bugs and the “segmentation of the COMP reward distribution” skewed.

Although the bonus distribution bug was quickly identified, Compound’s week-long delay in enacting new governance measures means the bug won’t be fixed until October 7.

On October 3, Compound founder Robert Leshner tweeted that 202,472.5 companies (worth approximately $65 million) were at risk after calling the protocol’s drip functionality for the first time in nearly two months.

The drip function makes the tokens in the collector tank available to users, with 0.5 COMP accumulated by the tank per block. Leshner noted that “the majority of COMPs are reserved for users” held in the tank.

SushiSwap developer Mudit Gupta has taken to social media to criticize the use of time locks in governance, asserting that nearly 100 people have been aware of the threat posed by the drip functionality since the September 30 bug was discovered but were unable to act due to the time delay in updating the protocol.

Gupta also warned of the risks associated with scalable smart contracts, stressing that they are not a “big” fit [DeFi] primitives. ”

“I’ve come to see upgradeability as a bug rather than an advantage,” he added.

While Leshner’s tweet revealed that nearly 117,000 companies worth $37.6 million were brought back into the protocol after the initial incident, developer Yearn Finance Banteg estimated That a third of the money at risk due to the drip functionality had already been claimed by users around 3:30pm UTC on October 3.

Banteg has calculated the total value of COMP tokens that were compromised due to a protocol error, now amounting to $147 million.

RELATED: Hackers Exploit MFA Flaw to Steal 6,000 Coinbase Customers – Report

Despite the initial identification of an error that caused the COMP price to crash 3% from $330 to $286 on September 30, the coin quickly recovered and traded above $340 on October 2, according to CoinGecko.

COMP has shed 7% of its value since hitting a local high of $347.5 on Oct. 3, last changing hands at $322 at the time of writing.