The Altcoin Resupply protocol was targeted in an attack that resulted in significant financial loss due to price manipulation.
Price Manipulation and Vulnerability
On June 26, the Altcoin Resupply protocol suffered an attack during which the attacker artificially inflated the share price of wrapped cvcrvUSD used in Convex Finance. This manipulation disrupted collateral ratio calculations in the Resupply's CurveLend: crvUSD/wstUSR contract, allowing the attacker to borrow 10 million reUSD with minimal cvcrvUSD collateral. Consequently, they exchanged reUSD for other assets in external markets. The Resupply team paused the affected contract.
Ongoing Impact of the Attack
The withdrawal of 10 million reUSD coins from the protocol post-attack triggered temporary fluctuations in the Resupply market. The project team announced the suspension of affected contracts and plans to unveil a compensation plan for affected users soon. Although the price of cvcrvUSD reverted to its original level following the donations, the imbalance in debt and collateral caused permanent losses in lending portfolios.
Resupply Team's Compensation Plans
Analysts noted that recovering reUSD would be a complex task due to its issuance from a limited pool. Discussions are underway regarding freezing blockchain scenarios to mitigate the damage. The Resupply team plans to implement more robust price control measures and utilize diverse oracles to enhance the security of its contracts.
The attack on the Altcoin Resupply protocol highlighted vulnerabilities in collateral mechanisms and pricing strategies, emphasizing the need for increased security measures in such systems.
