Euler Finance, a lending protocol that recently suffered a $200 million hack, is facing challenges in its recovery. A survey of the top five DeFi hacks in terms of dollar value reveals that each protocol’s total value locked (TVL) has decreased by at least 96% since the hacks occurred. This suggests that it is not solely due to depressed asset prices, but also a lack of confidence in the protocols themselves.
Each hack had its unique characteristics. Flash loans and price manipulations were common methods employed by attackers. For instance, in the case of CREAM Finance, the protocol was manipulated into believing that the attacker had control over a substantial amount of assets, leading to the depletion of lendable assets. Similarly, attacks on BonqDAO and Mango Markets involved manipulating price feeds and inflating token values, respectively.
Recovering from hacks is historically challenging, even after vulnerabilities have been patched. The reputational damage can be severe, making it difficult for protocols to regain users’ trust, especially in the DeFi sector, where exploits and rug pulls are prevalent. The size of the exploit plays a crucial role in the impact on reputation and trust. Projects that swiftly reimburse users have a better chance of remaining viable.
Trust in a project can be compromised even if the team continues to develop and build. BadgerDAO, for example, has made efforts to refine its governance processes and propose recovery measures following its hack. However, the protocol has struggled to attract deposits as users remain cautious.
Some projects, such as Uranium Finance, have folded entirely following a hack, with no public communication since the incident.
Overall, recovering from hacks poses significant challenges for DeFi protocols, primarily due to the loss of trust and the cautious nature of users within the ecosystem.