Levana Protocol exploited for over $1 million on Osmosis blockchain

Quick Take

  • Perpetuals-trading protocol Levana suffered an exploit — resulting in a loss of over $1.1 million.
  • The exploit, which lasted 13 days, let an attacker drain 10% of Levana’s liquidity pools.

Levana, a perpetual swap protocol on the Osmosis blockchain, fell victim to an exploit — resulting in the loss of over $1.1 million from its liquidity pools.

The exploit occurred over 13 days, according to a post-mortem report provided by the team. Between Dec. 13 and Dec. 26, the attackers drained 10% of the liquidity pools on Levana.

Attackers took advantage of a congestion attack on the Osmosis chain, which hampered the ability of Levana users to interact with the markets. This was compounded by a bug in the fee market code of Osmosis and “price staleness” in Levana’s integration with the Pyth oracle, enabling the attackers to manipulate prices and drain the pools.

“A bug in the Osmosis fee market code meant that during times of congestion, the provided gas price was generally insufficient for making trades or performing ongoing bot maintenance activities,” Levana wrote.

The team clarified that there is no vulnerability with the Pyth oracle as it “behaved exactly as expected.”
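The "price staleness" named above is an integration-side condition: the contract keeps settling against the last price it received after that price has aged. As an added illustration (not Levana's or Pyth's code; the type names, thresholds and sample timeline are assumptions), a guard that refuses a price once it is older than a maximum age or too uncertain:

```rust
// Added illustration, not Levana or Pyth code; names, thresholds and samples are assumed.
#[derive(Debug, Clone, Copy)]
pub struct OraclePrice {
    pub price: i64,        // fixed-point price
    pub conf: u64,         // confidence interval, same scale as price
    pub publish_time: u64, // unix seconds at which the oracle published
}

#[derive(Debug, PartialEq)]
pub enum PriceError {
    NonPositive,
    FromFuture,
    Stale { age_secs: u64 },
    TooUncertain,
}

pub struct Guard {
    pub max_age_secs: u64, // oldest price a trade may settle against
    pub max_conf_bps: u64, // widest conf/price ratio, in basis points
}

impl Guard {
    /// Return the price only if it is fresh and tight enough at `block_time`.
    pub fn check(&self, p: OraclePrice, block_time: u64) -> Result<i64, PriceError> {
        if p.price <= 0 {
            return Err(PriceError::NonPositive);
        }
        // A publish time ahead of the block clock must not wrap the subtraction.
        let age_secs = block_time.checked_sub(p.publish_time).ok_or(PriceError::FromFuture)?;
        if age_secs > self.max_age_secs {
            return Err(PriceError::Stale { age_secs });
        }
        if (p.conf as u128) * 10_000 > (p.price as u128) * (self.max_conf_bps as u128) {
            return Err(PriceError::TooUncertain);
        }
        Ok(p.price)
    }
}

/// Constructed timeline: last update at t=1000, no newer one arrives, blocks continue.
pub fn replay(guard: &Guard) -> Vec<Result<i64, PriceError>> {
    let last = OraclePrice { price: 1_000_000, conf: 500, publish_time: 1_000 };
    [1_005u64, 1_030, 1_300].iter().map(|&t| guard.check(last, t)).collect()
}

fn main() {
    let guard = Guard { max_age_secs: 60, max_conf_bps: 50 };
    for r in replay(&guard) { println!("{:?}", r); }
}
```

The age is measured against block time rather than a caller-supplied clock, so a transaction cannot make an old price look fresh.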

Levana is working on a fix that will be deployed in an upgrade of its code on chains where Levana is offered: Osmosis, Sei and Injective.

It added that existing trade positions and profits remained unaffected despite the exploit. However, new positions and modifications to existing ones have been temporarily halted until a scheduled update next week.

Levana plans to compensate affected liquidity providers through an airdrop and the distribution of collected protocol fees during the attack period.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]

Editor

To contact the editor of this story:
Adam James at
[email protected]