Nirvana Finance, a Solana-based yield protocol, suffered a $3.5 million exploit utilizing flash loans to manipulate and drain its liquidity pools, blockchain data shows.
The price of the protocol’s native ANA token fell over 80% in the past few hours, while its NIRV stablecoin lost its peg to the U.S. dollar and dropped to 8 cents at writing time, CoinGecko data shows.
Nirvana allowed users to earn annual yields of over 100% on their locked assets by creating and destroying tokens based on user demand as the ANA tokens were bought from and sold to the protocol. Over $3.5 million worth of ANA was locked on the protocol before the attack on Thursday.
Flash loans are a popular way for attackers to gain the funds to conduct exploits on decentralized finance (DeFi) systems. In April, the Beanstalk stablecoin protocol was drained of $182 million, and last month more than $1.2 million was taken from Inverse Finance.
The loans allow traders to borrow unsecured funds from lenders using smart contracts instead of third parties. They do not require any collateral because the contract considers the transaction complete only when the borrower repays the lender. This means a borrower defaulting on a flash loan would cause the smart contract to cancel the transaction and the money would be returned to the lender.
Data from blockchain explorers show the attack used over 10 million USDC sourced from lending tool Solend in a flash loan. At that point over $10 million worth of ANA was minted, or created, and the entire amount swapped to receive $3.5 million worth of tether (USDT) from Nirvana’s treasury wallet.
This was possible because the treasury considered the 10 million USDC infusion to be genuine. However, it wasn’t, and the protocol was hence tricked into releasing its treasury’s liquidity.
The attacker sourced over 10 million USDC in a flash loan and drained Nirvana’s liquidity pool. (Solana FM)
The total value locked on Nirvana fell to 7 cents in European morning hours following the attack. Its entire liquidity pool was effectively drained, data from DeFi Llama shows.
Value locked on Nirvana fell to 62 cents following the attack. (DeFi Llama)
The 10 million USDC was returned to Solend after the exploit. The stolen funds were transferred to the Ethereum network using Wormhole, a blockchain tool that connects Solana to other networks, and converted to DAI, an Ethereum-based stablecoin, blockchain data shows.
The attacker address – 0xB9AE2624Ab08661F010185d72Dd506E199E67C09 – currently holds over $3.5 million worth of DAI, blockchain data shows.
Nirvana’s trading functions were suspended by developers in European hours following the attack, as per messages by admins on the protocol’s Telegram channel.
Nirvana had not responded to requests for comments by publication time.
