Sonne Finance, a pioneering decentralized finance (DeFi) protocol operating on the Optimism Mainnet, has fallen victim to a devastating feat, which resulted in a loss of more than $20 million. The attack, suspected to have been orchestrated through a time-limited contractual loophole, has sent shockwaves through the burgeoning DeFi landscape.
Sonne Finance, a pioneering decentralized finance (DeFi) protocol operating on the Optimism Mainnet, has fallen victim to a devastating feat, which resulted in a loss of more than $20 million. The attack, suspected to have been orchestrated through a time-limited contractual loophole, has sent shockwaves through the burgeoning DeFi landscape.
According to information from PeckShield, a blockchain security company, Sonne Finance was the target of what appears to be a carefully orchestrated attack, exploiting vulnerabilities in the protocol’s smart contract infrastructure. The exploit, which involved a well-known donation attack technique commonly associated with Compound v2 forks, was developed despite the platform’s proactive measures to tighten security.
Suspended optimism markets
Sonne Finance, notable for being the first platform to launch a lending protocol on Optimism, quickly responded to the breach with an official blog post. In it statement, the team expressed its deep regret over the incident and detailed the sequence of events that led to the exploit. The attackers took advantage of a two-day time-locking feature, strategically executing trades to manipulate market making and collateral factors within the protocol.
Despite efforts to detect and mitigate the hack The Sonne Finance team quickly recognized the loss of funds and launched an urgent investigation into the identity of the perpetrators. In particular, the team highlighted the vigilant efforts of Seal contributors, whose quick action helped save approximately $6.5 million by injecting VELO tokens into the affected markets.
The exploit, detected by the Sonne Finance team approximately 25 minutes after it occurred, caused the immediate suspension of all Optimism markets operated by the protocol. Furthermore, the team promised to offer a reward to the exploiters and to refrain from taking legal action if the misappropriated funds were returned.
In an attempt to contain further damage and safeguard user assets, Sonne Finance quickly halted all market activities and engaged in dialogue with relevant stakeholders to explore avenues for fund recovery. The team reiterated its commitment to transparency and accountability, pledging to collaborate with external parties to comprehensively address the consequences of the attack.