{"id":26393,"date":"2023-12-09T18:07:41","date_gmt":"2023-12-09T18:07:41","guid":{"rendered":"https:\/\/nftandcrypto-news.com\/crypto\/lifinity-usdc-pool-drained-by-arbitrage-bot\/"},"modified":"2023-12-09T18:07:43","modified_gmt":"2023-12-09T18:07:43","slug":"lifinity-usdc-pool-drained-by-arbitrage-bot","status":"publish","type":"post","link":"https:\/\/nftandcrypto-news.com\/crypto\/lifinity-usdc-pool-drained-by-arbitrage-bot\/","title":{"rendered":"Lifinity USDC pool drained by arbitrage bot"},"content":{"rendered":"

<\/p>\n

\n

Decentralized exchange (DEX) Lifinity had its LFNTY-USDC pool drained by an arbitrage bot on Dec. 8. According to Lifinity\u2019s Discord channel, an unexpected response to a failed trade caused the $699,090 loss.<\/p>\n

A Lifinity’s core member known as Durden explained that a bot attempted an arbitrage trade following the route USDC > xLFNTY > LFNTY > USDC, trying to profit from price discrepancies between different trading pairs.<\/p>\n

\n

Here’s how the events transpired in the @Lifinity_io<\/a> Discord when the 700k arb happened<\/p>\n

I noticed something wrong with LFNTY’s price and alerted zoro, one of the devs on the platform. <\/p>\n

At first glance, it appeared that the protocol had gotten hacked pic.twitter.com\/ebXfK9pDW3<\/a><\/p>\n

\u2014 Shardo (@DrashoWho) December 8, 2023<\/a><\/p><\/blockquote>\n

The bot initiated an Immediate-or-Cancel (IOC) market order on Serum v3, a type of order that must be executed immediately at the current market price if filled. Orders that cannot be filled immediately are canceled.<\/p>\n

“But instead of returning an error, as most programs do, it returned 0 amount out. Our pools processed the 0 amount in and also returned 0 amount out,” Durden noted, before explaining that it led the program to update the last transaction price to 0, making the next starting price also 0. “Since it\u2019s a CP curve, the actual price won\u2019t be 0, but the pool did offer an extremely low price, resulting in the drain right after.”<\/p>\n

Lifinity v1 is an automated market maker (AMM), which means it uses algorithms to create liquidity in trading pairs. According to Durden, it relies on constant product market maker (CPMM), a specific type of AMM model, to maintain an equilibrium between two token quantities in a liquidity pool.<\/p>\n

Other decentralized exchanges, such as Unisawp and Bancor, also use this model. Lifinity v1 doesn\u2019t support a standard constant product (CP) curve used in traditional CPMMs, but it can replicate its function. One of the solutions used to replicate it was calling a “last price” function to the next starting price. However, since the bug returned a 0 price, the bot was able to exploit the discrepancy and wipe out the funds.<\/p>\n

Cointelegraph reached out to Lifinity\u2019s team but did not receive an immediate response. On X (former Twitter), a community member pointed out that the incident was not<\/a> a result of an attack. <\/p>\n

Lifinity’s team is apparently working on reintroducing liquidity to the pool while reviewing the protocol code and attempting to recover funds. Trades resulting in 0 amounts are no longer accepted. <\/p>\n

Magazine:\u00a0<\/em><\/strong>Exclusive \u2014 2 years after John McAfee\u2019s death, widow Janice is broke and needs answers<\/em><\/strong><\/p>\n<\/div>\n