The Acala Network’s aUSD stablecoin depegged by over 99% over the past weekend and compelled the Acala team to pause a hacker’s wallet, raising concerns about its claim to be decentralized.
On Sunday, a hacker required advantage of the bug around the iBTC/aUSD liquidity pool which led to 1.2 billion aUSD being minted without collateral. The wedding crashed the U . s . States dollar-pegged stablecoin to $.01, as well as in response, the Acala team froze the erroneously minted tokens by putting the network in maintenance mode.
The move also stopped additional features for example swaps, xcm (mix-chain communications on Polkadot), and also the oracle pallet cost feeds until “further notice.”
We’ve identified the problem like a misconfiguration from the iBTC/aUSD liquidity pool (which went live earlier today) that led to error mints of a lot of aUSD
1/— Acala (@AcalaNetwork) August 14, 2022
As the proceed to place the network in maintenance mode and freeze funds within the hacker’s wallet might have been designed to safeguard users and also the network from the further harm, advocates of decentralization have cried foul.
Acala is really a mix-chain decentralized finance (DeFi) hub that issues the aUSD stablecoin in line with the Polkadot blockchain. aUSD is really a crypto-backed stablecoin which Acala claims is censorship-resistant. iBTC is a kind of Wrapped Bitcoin (wBTC), that you can use in DeFi protocols.
Community people have noted the irony of Acala’s claims about aUSD’s censorship resistance because the protocol froze funds so quickly. Twitter user Gr33nHatt3R.us dot stated on August. 14 that decisions “would must see governance to become ‘decentralized’ finance:”
“If Acala centrally controls that call is that this really DeFi?”
Part of the project’s Discord funnel usafmike suggested moving back the chain to turn back token mints altogether but was challenged by skylordafk.us dot, another member who stated this kind of action would “set a dangerous precedent.”
As of times of writing, the network was still being in maintenance mode to bar all token transfers, however the team confirmed the bug have been fixed. The wallets that received erroneously minted aUSD happen to be identified, and 99% of these remained as on Acala which leaves the chance that they might be retrieved through the community whether it votes to do this.
Related: Binance recovers nearly all funds stolen from Curve Finance
The Acala exploit may be the second major one per week as Curve Finance experienced a panic attack on its front finish on August. 9, which directed users to approve a malicious contract. Acala’s problem is different from Curve’s, because the latter’s pools weren’t compromised as users who directly interacted using its smart contracts experienced no issues.
aUSD may be the latest stablecoin to get rid of its peg previously couple of several weeks, beginning notoriously with TerraUSD (UST) in May, that has since been renamed to TerraUSD Classic (USTC). Other notable depegs include Tether (USDT) and Dei (DEI).