Levana Protocol Falls Victim to Oracle Attack, Losing $1.14 Million
The perpetuals trading protocol, Levana, has experienced an oracle attack that resulted in a loss of $1.14 million. The attack took place between December 13th and December 26th, during which the attackers siphoned off 10% of Levana’s liquidity pools.
Exploiting Congestion Attack and Vulnerabilities
The perpetrators carried out a congestion attack on the Osmosis chain, disrupting Levana users’ ability to engage with the markets. This was further compounded by a flaw in Osmosis’ fee market code and “price staleness” in Levana’s integration with the Pyth oracle. These vulnerabilities allowed the attackers to manipulate prices and deplete the pools.
No Known Vulnerability in Pyth Oracle
Although the Pyth oracle played a key role in the attack, there is no known vulnerability in its system. The Levana team clarified that the Pyth oracle behaved as expected during the incident.
Understanding Oracle Attacks
Oracle attacks involve manipulating information from an external data source to deceive smart contracts or blockchain protocols. This manipulation can lead to incorrect outcomes or financial losses.
Affected Markets and Perpetual Swap Mechanism
Several markets were affected by 7 suspected malicious actors. However, Levana’s perpetual swap mechanism provided strong guarantees of protocol and trader solvency, limiting the impact on other traders’ positions and profits.
Developing a Solution and Compensation Plan
Levana is actively working on a solution through a code upgrade across Osmosis, Sei, and Injective chains. While existing trade positions and profits remain unaffected, the creation of new positions and modifications to existing ones have been temporarily suspended. Additionally, Levana plans to compensate affected liquidity providers through an airdrop and distribution of collected protocol fees from the attack period.
Hot Take: Levana Protocol Faces Oracle Attack, Suffers Losses
Perpetuals trading protocol Levana recently experienced an oracle attack that resulted in a loss of $1.14 million. The attack exploited vulnerabilities in the Osmosis chain and Levana’s integration with the Pyth oracle. Despite this incident, Levana’s perpetual swap mechanism provided strong guarantees of solvency for traders. The platform is actively working on a solution and has plans to compensate affected liquidity providers. While existing trade positions and profits remain secure, new positions and modifications are temporarily suspended. This attack highlights the importance of robust security measures in the crypto space.