Eminence Finance - The DeFi hack of the year
Background
Without a doubt, one of the craziest times in Crypto is still happening. Within a few hours a single tweet caused shock within the DeFi community and ultimately led to a $15 million rug pull.
The Timeline
Last week Andre Cronje (the founder of YFI) posted a tweet announcing the new Yearn system would incorporate Synthetix, Aave, and Chainlink. The tweet was also accompanied by a poll asking followers if they would rather a whitepaper to explain how this would work before launching or if they would rather be surprised. Unfortunately, 53.7% of voters would rather be surprised, this would ultimately factor into the future Eminence launch.
At 4 am September 28th AEST time another one-line tweet was posted by Andre - “BancorBondingCurve is cool”. For those unfamiliar with a bonding curve, it is how Automated Market Makers (AMM) that a lot of Decentralised exchanges run on determine the price when swapping between assets. Rather than wait for a corresponding party to trade with all trades are automatically transferred through a liquidity pool to determine the price.
Again at the time it didn’t mean much but would soon be the cause of rife speculation.
The tweet that kicked off the storm was on 3 am September 29th, Andre retweeted an image from Eminence.Finance, a brand new twitter account, and at the time it was the only tweet from the page.
At the same time, people sniffing around Andre’s accounts found Eminence Finance contracts deployed by Yearn Deployer. Some realized it could be a scam straight away and thought with a single tweet and no information there was no point diving head first. A lot however thought this could be the next YFI and took the plunge.
There were two ways people could get EMN (the new eminence finance token), they could buy it on Uniswap as it was quickly listed or they could actually use the contracts deployed and mint their own tokens in exchange for Dai. The way minting worked was pretty simple and could be done through etherscan, the catch was the more tokens that were minted the lower the ratio of Dai to minted tokens became. This was a simple bonding curve which based on the previous tweet lead people to believe EMN could be linked to the new Yearn protocol.
At this point, no information had been posted about what EMN was or how it worked so everyone’s imagination was running wild.
People also started using other Eminence contracts deployed by Yearn, you could trade EMN for other new tokens like eLINK, eSNX, and eYFI. The names suggested that the value could be tied in some way to the respective tokens they were named after leading to the expectation that this could be the new 1000x in DeFi.
One of the more reasonable theories at the time was “They created an AMM for all major DeFi protocols that allow traders to go back to EMN when they want to stabilize (backed with dai). The more money moves into EMN and the higher the price or EMN. The more people buy the derivatives and the lower the EMN price is. So big picture if the market moves down, people ape in EMN, and as more people ape in their holdings has more value. Then they can transfer to derivatives with the same risk (bonding) curve as the EMN which gives them somewhat a linear risk to re-enter derivatives coins.”
Basically, they were adding functionality to Yearn by creating an AMM specifically for the DeFi space. Given it looked like it was genuinely part of the Yearn.Finance protocol the new tokens could be worth a lot more when they were eventually used as part of the new ecosystem.
At 11:14 am AEST on the 29th Andre retweeted another one of Eminence.Finance tweets, another image similar in style to the last one.
Less than 15 minutes later the rug was pulled on EMN and $15 million stolen from crypto users. Twitter and telegram went into a state of panic trying to figure out what happened, the kicker - $8 million of the proceeds were transferred back to Andre and the Yearn deployer.
It came clear from Andre and other YFI holders that the hack was based on an $8 million dollar flash loan which then as Andre put it “mint a lot of EMN at the tight curve, burn the EMN for one of the other currencies, sell the currency for EMN.”
In the aftermath Andre released four tweets explaining what had happened:
1/x First, the data;
-
Yesterday we finished the concept behind our new economy for a gaming multiverse. Eminence. As per my usual methodology, I deployed our staging contracts on ETH so we can continue developing on it.
-
Eminence is at least ~3+ weeks still away
-
These contracts, nor the ecosystem are final, yesterday alone you will notice I deployed 2 separate batches of the contracts, this is my usual "test in prod" process
-
We started releasing some of the art teasers to showcase all the different clans in the game on Twitter
-
We posted the first clan "Spartans". And I went to bed.
-
Around ~3AM I was messaged awake to find out a) almost 15m was deposited into the contracts b) the contracts were exploited for the full 15m and c) 8m was sent to my yearn: deployer account.
-
The exploit itself was a very simple one, mint a lot of EMN at the tight curve, burn the EMN for one of the other currencies, sell the currency for EMN.
An hour later one more tweet was sent by Andre:
“As I am receiving a fair amount of threats, I have asked yearn treasury to assist with refunding the 8m the hacker sent. The multisig is safer and as such I feel more comfortable with them having the funds. Funds will be returned to holders pre-hack snapshot.”
At this stage that’s all we know, in less then half a day someone made off with $7 million and crypto users lost $15 million.
What's Next
It will be an interesting couple of days as the Yearn team tries to figure out what to do and the whole world waits.
In the aftermath of the scandal, the YFI price dropped from nearly $29,000 to about $26,000 in a few hours.
There are still a lot of unanswered questions and even more angry people who lost thousands.
The first line of questioning is around if Andre is to blame for any of this. Twitter is divided strongly into two camps, those who think buyers of EMN shouldn’t have done so with such little information available and those who are questioning what Andre was thinking using his twitter and YFI resources to promote something not ready for the market.
If he didn’t want it found why use his address linked to YFI? Why use the YFI deployer if it wasn’t linked to the project? Why retweet the second Eminence image if he knew about the blow-up in speculation and knew it wasn’t ready?
On the other hand, the question behind Andre fans is why was anybody buying a coin with no information available and no website or socials behind it?
The next line of questioning is a bit more interesting, what are they going to do now. They hold half the proceeds from the hack which heavily implicates Andre directly. As per Andre’s last message they have been transferred to the multi-sig address so it is no longer up to just Andre but rather the Yearn team.
The first option is perhaps the simplest but would leave a lot of people very unhappy, return the funds to the hacker. This would show Yearn’s lack of involvement in the hack but means everything that traded is left with nothing. The next option would be to distribute the funds to YFI holders, after all the funds were transferred to Yearn and given YFI holders are meant to represent the governance of the project they could decide to do it this way.
The option that most are hoping for is that the funds will be transferred back to people who held EMN before the hack. This could mean people get up to half their money back but leads to more technical questions and at the end of the day, not everyone will be happy with the course of action Yearn takes.
Should they transfer based on the token amount at the time of the hack? Do they take into account the price people bought at as not to reward early buyers? Do they take into account the derivative contracts such as eYFI? Are stakers part of this equation as well?
Whatever happens next the reputation of Andre and Yearn depends on the outcome, being somewhat linked to a hack can leave a mark for years but being this directly involved could lead to serious repercussions.
The only thing to do now is to wait and see what happens next!
The information provided on this website is general in nature and is not tax, accounting or legal advice. It has been prepared without taking into account your objectives, financial situation or needs. Before acting on this information, you should consider the appropriateness of the information having regard to your own objectives, financial situation and needs and seek professional advice. Cryptotaxcalculator disclaims all and any guarantees, undertakings and warranties, expressed or implied, and is not liable for any loss or damage whatsoever (including human or computer error, negligent or otherwise, or incidental or Consequential Loss or damage) arising out of, or in connection with, any use or reliance on the information or advice in this website. The user must accept sole responsibility associated with the use of the material on this site, irrespective of the purpose for which such use or results are applied. The information in this website is no substitute for specialist advice.