we will explore essential operational capabilities necessary for ensuring the security and integrity of decentralized finance (DeFi) platforms. Among these capabilities is the ability to blacklist wallets, transfer funds, and pause or terminate contracts in response to threats. Additionally, we will delve into a recent hack on a DeFi platform known as the Tendery hack, which involved a variation of price oracle misconfiguration. By examining these incidents, we aim to understand the importance of operational readiness and proper configuration in safeguarding DeFi systems.
Here is the verbatim discussion:
Right and two second thing we want you started on is having operation capability so important operational capabilities again starting there Blacklist wallets maybe they could black listed that wallet that imbalance the pool transfer pools right getting the money out of there basically saying All Is Lost and at least escaping with your money pause the contract kill the contract some sort of option some way to to respond to that threat another hack the tendery hack in earlier in March a def5 platform now this is actually a variation a price Oracle misconfiguration another publicly known event now in solidity the decimal point is not explicit or strictly defined it is implicit or understood essentially the owner decides where the decimal place will be and they handle it accordingly if you have let's say this is very simplified again a number with 10 places and the number is one eight and then eight zeros right with the decimal point at the second place that's quite a different number than 1 eight and eight zeros it's much larger now throughout this contract the numbers were being handled correctly right handled with desm plat where the owner wanted it to be all except for the GMX token it was not so one GMX token.
Comments