DeFi Protocol Gamma Strategies Faces $3.4M Security Breach

Gamma Strategies, a decentralized finance (DeFi) protocol operating on the Ethereum blockchain, fell prey to a significant security breach. This exploit resulted in the loss of approximately $3.4 million, as first detected by blockchain security firm, PeckShield, on January 4. The protocol has since confirmed the breach and responded by temporarily suspending new deposits to its public DeFi vaults, while continuing to allow withdrawals for users requiring access to their funds.

A Vulnerability in Price Change Threshold Settings

The protocol identified the root cause of the exploit: a vulnerability within the price change threshold settings of their vault safeguards. This flaw allowed for substantial deviations in price change, ranging from 50 to 200 percent for certain vaults. The attacker exploited this weakness to artificially inflate prices and mint an abnormal number of Liquidity Provider (LP) tokens.

Addressing the Issue

To prevent future exploitation, Gamma Strategies has committed to adjusting all price change thresholds to more secure levels and has also pledged to undergo a third-party code review. The protocol has also ensured to deliver a detailed post-mortem analysis of the incident. Despite this, there has been no official confirmation as to whether Gamma Strategies will offer compensation to the affected users, though they expressed a will to ‘maximize recovery for all affected users.’

Management and Rebalancing of Positions Remain Active

Despite the suspension of new deposits, Gamma Strategies reassured that the management and rebalancing of positions remained active and unaffected by the exploit. The closure of deposits for its public-facing vaults has nullified the attack vector, as a deposit is required for the exploit to take place. This incident adds to the growing list of security breaches in the cryptocurrency sector, underscoring the need for increased resilience and robust security measures in the face of widespread threats.