Platypus, a decentralized finance (DeFi) protocol, suffered a flash loan attack nearly two weeks ago, resulting in a loss of approximately $9 million from its main pool. However, Platypus confirmed that the attack was possible due to a code being placed in the wrong order. Platypus contacted the hacker to negotiate a bounty and launched an investigation into the incident.
The Compensation Plan
Despite the attack, the Platypus team worked on meeting a compensation plan for users’ funds. The team announced that they are seeking to return around 78% of its main pool funds by re-minting frozen stablecoins.
Platypus introduced a page that allows viewers access to check the allocated compensation they can get from the platform. The page also contains several sections that help users understand how much they are owed after the exploit, including an overview, a pre-attack net value, and post-attack adjustments.
The team also emphasized that if users find any error associated with the calculation, they could submit a form with evidence supporting their claim before 11:59 pm UTC, March 3rd. Meanwhile, the protocol highlighted that they would finalize the calculation once all feedback had been received.
However, the team is still trying to recover any remaining funds. Accordingly, many Platypus users hope to receive all their funds once the platform fully recovers all the stolen funds.
A Fresh Hope
It is worth mentioning that flash loan attacks aren’t new. Avi Eisenberg used the same hack method last October to manipulate the price of the native token of mango markets (MNGO). The hacker even boasted the technique is legal following his arrest about two months after committing the hack.
In a related development, two suspects of the platypus hacking incident are now in police custody following their arrest in France. While announcing the update, a Platypus spokesperson thanked Binance exchange and ZachXBT for their help in arresting the suspects.