1/6

Today, we’re launching The Alpha Challenge, a two-week experiment for the crypto community to test their on-chain analysis skills and for Wintermute to hire top talent

We've also collaborated with six companies to provide exciting awards for those who will not be hired👇 2/6

We developed this idea because using case studies is our (and my personal) approach to hiring for research-related roles

The feedback was always excellent, so it would be interesting to check it on a larger scale

That’s why we're posting 10 case studies instead of a few

1/5

Imagine if you could bet on a coin flip but couldn’t lose anything

This is how someone stole around $25k from dice9win today, with another $200k was saved by SEAL 911 members

Let’s figure out how it works (we have the team's approval)👇

https://twitter.com/pcaversaccio/status/1706713159887716700

2/5

The exploiter deployed contracts for each 'coin flip'

The project’s VRF oracle provided randomness and settled bets

In case of victory, the exploiter’s contract redirected the winnings to them

1/12

Alright, I've been sitting on this news all day, but let's look at the @BaldBaseBald deployer.

This is definitely someone from Alameda, but I don't think we can safely say that this is @SBF_FTX (even though he is a psycho)

Let's go👇 2/12

I started the morning by making sure that he is not a Coinbase insider, despite the mention of the address (0xccFa05) as the largest holder on DeFi governance forums

Upon closer inspection, one could find that cbETH was not minted by Coinbase, but was bought on Uniswap v3

1/10

For more than a week, someone has been trying to carry out a governance attack on @SwerveFinance (a dead Curve clone) and steal $1M+ in various stablecoins

Let’s figure out why he didn’t succeed and also find out who the exploiter is👇

https://twitter.com/spreekaway/status/1636414977945878561

2/10

Swerve is powered by Aragon, where voters use veSWRV (maximum voting power if tokens are locked for 4 years)

There are currently 1.6M yvSWRVs, 51% of which (571k) are needed to execute proposals

Exploiter already owns 495k ($60k) from two addresses

1/7

Euler lost $197M in 6 tokens:

- 73.8k wstETH ($116M)
- 34.2M USDC
- 846 WBTC ($18.6M)
- 8k WETH ($12.6M)
- 8.9M DAI
- 3.8k stETH ($6M)

Also, EULER price fell by 52%👇

https://twitter.com/eulerfinance/status/1635218198042918918

2/7

Let’s see what happened using the attack on the DAI pool as an example

But first, I need to share a little context:

eToken - collateral token
dToken - debt token

As soon as the amount of dToken exceeds the amount of eToken, liquidation can be triggered

1/7

Many post-mortems after the Terra events have focused on “Wallet A” which played a large role in UST depegging

"Wallet A" swapped 85M UST for USDC and imbalanced the UST/3CRV Curve pool

There is a good chance this wallet is related to @JaneStreetGroup 2/7

On May 3, 2022, Clearpool announced that Jane Street borrowed 25M USDC from @BlockTower using their permissioned lending pool

This news made it possible to identify three addresses of the trading firm, of which we are most interested in only one

https://twitter.com/ClearpoolFin/status/1521478241177182208

1/3

Today @Moola_Market has been exploited for $8.4M:

- 8.8M CELO ($6.5M)
- 765k cEUR ($0.7M)
- 1.8M MOO ($0.6M)
- 644k cUSD ($0.6M)

It was an incredibly simple attack👇 2/3

The process:

- The exploiter was funded with 243k CELO from @binance

- The attacker lent 60k CELO to Moola and borrowed 1.8M MOO to use them as collateral

- They started pumping the MOO price with the remaining CELO, and to use it as collateral and borrow all other tokens

Before the hack, the BNB bridge exploiter registered as a relayer for this bridge For some reason, he was using the same block from two years ago

1/5

Do you like fancy words like MEV and Flashbots and want to have ‘stress-free passive income’?

Then be careful, and don’t get caught by scammers like @mevbots.

For half a year of existence, 4.4k addresses independently transferred 1.8k ETH ($2M+) to them👇 2/5

The scammers published a contract for a Uniswap bot, where the victims had to deploy it using Remix.

This contract consists of many functions that allegedly automatically trade and even have 'access' to a mempool.

It was only necessary to deposit ETH to this contract...

1/5

Let’s look at how @jump_ tried to defend the UST peg a week ago.

They used at least three addresses on Ethereum and spent $682.5M+ in various stablecoins.

Basically, they were adding one-side liquidity in USDC since the Curve DAI/USDC/USDT pool was already imbalanced. 2/5

Jump spent the minted LP tokens on the withdrawal of UST from the pool.

Thus, they removed 593M UST from the pool, which should also positively affect the peg.

However, even though there was 1.2B liquidity in the pool, UST's price quickly began to decrease.

1/9

Crypto has existed for more than ten years, but we have not yet seen a real adoption.

One of the main issues is a rather high entry threshold and the lack of high-quality data.

@TheBlock__ is solving exactly that, and you are the one who can help bring adoption closer👇 2/9

For more than a year and a half, our data dashboard has existed with more than 300 charts showing the macrostate of the industry.

Of course, our team (our data engineers, me, @rebeccastev, @Merkle3_) does not stop there and prepares other data products in stealth mode.

1/5

The new popular @beanstalkfarms protocol lost $181M+ in today’s exploit, but the attacker only gained $76M.

Let’s figure out what happened👇 2/5

The main protocol contract has been completely emptied.

User funds have been withdrawn:
- 36M BEAN ($36M)
- 0.54 ETH-BEAN UNI-v2 LP tokens ($33M in ETH and $32M in BEAN)
- 79.2M BEAN3CRV-f Curve LP tokens ($79.2M?)
- 1.6M BEAN-LUSD Curve LP tokens ($1.6M?)

1/5

We’re back to interesting exploits, and @InverseFinance users lost money today.

As a result, $15.6M was stolen in the form of:
- 1588 ETH
- 94 WBTC
- 4M DOLA
- 39.3 YFI 2/5

First of all, the exploiter withdrew 901 ETH from Tornado Cash.

Then they transferred 1.5 ETH to 241 clean addresses via Disperse and deployed five different smart contracts, of which only one was real.

1/8

Everyone has been waiting for this for a long time, and now @paraswap practically launched his token (PSP), which includes a retroactive airdrop and, apparently, some staking for Paraswap pools

Let’s see what we can learn from these unverified contracts👇 2/8

Regarding the token:

- supply is 2B PSP

- of which 150k PSPs are already on the airdrop contract. This amount is less than a percentage of the total supply, so either this is a test transaction, or the initial supply will be tiny

Over the past two and a half years, the number of addresses interacting with DeFi protocols has grown from several thousand to over three million.

For this reason, over the past few months, I have been fascinated by researching the various characteristics of protocol userbases. First, I looked at the ratio between users and tokenholders to find the percentage of loyal users that fall into both categories.

And in general, for Ethereum DeFi, on average, about 7% of unique addresses are both users and tokenholders.

theblockresearch.com/a-quick-look-a…

1/8

New weekend - a new attack on BSC DeFi protocol.

Today $6.2M in BUSD was stolen from Belt Finance in 8 transactions.

Below is what happened👇 2/8

Each transaction looked like this:

1) Used 8 flash loans on $385M BUSD from PancakeSwap

2) Deposited 10M BUSD in bEllipsisBUSD strategy (only for the first transaction, where it was the 'Most Insufficient Strategy')

1/7

Another flash loan attack on a major DeFi protocol on BSC.

Today $7.2M was stolen from @burger_swap in 14 transactions.

Let’s see what’s happened👇 2/7

What was stolen:
- 4.4k WBNB ($1.6M)
- 22k BUSD ($22k)
- 2.5 ETH ($6.8k)
- 1.4M USDT ($1.4M)
- 432k BURGER ($3.2M)
-142k xBURGER ($1M)
- 95k ROCKS

1/6

Today, BUNNY tokens worth $1B+ were minted from Bunny Finance on BSC, resulting in $40M+ was stolen:

- 114k WBNB ($40M)
- 697k BUNNY

For this reason, the BUNNY price fell from $146 to $6👇 2/6

The exploiter’s actions were as follows:

1) Added a small number of assets to the Bunny USDT-WBNB Vault

2) Borrow 2.3M BNB ($704M) from seven PancakeSwap pools and 2.9M USDT from ForTube Bank using flash loans

1/9

Today we have witnessed the manipulation of XVS price —  the governance token of Venus Protocol on BSC.

This incident resulted in $200M+ DeFi liquidations and a $100M+ of protocol bad debt.

As usual, let’s analyze this situation below👇 2/9

The previous record for liquidation volume was held by Compound after the DAI price oracle incident ($88M).

Back then, Compound Open Price Feed was heavily criticized by the Chainlink community, but virtually the same manipulation was just done even with Chainlink.

1/6

Many talk about the @0xPolygon success and the record number of transactions, but is everything really so good?

Let’s see how arbitrage bots spammed Polygon with failed transactions👇 2/6

As well as on BSC, bots appeared thanks to the Uniswap forks launch - QuickSwap and SushiSwap.

Due to these bots, activity between DEXs is about the same.

h/t @nansen_ai

LOOOOL, @VitalikButerin removed liquidity from the SHIB pool

https://twitter.com/FrankResearcher/status/1392040062033047554

@VitalikButerin He dumped AKITA