Spartan Protocol, a decentralized protocol built on Binance Smart Chain for incentivized liquidity and synthetic assets, was exploited earlier Sunday UTC due to “a flawed liquidity share calculation” in the protocol, resulting in a loss of more than $30 million, according to a medium post by on-chain analysis and security startup Peckshield.
“In particular, the specific hack inflates the asset balance of the pool before burning the same amount of pool tokens to claim an unnecessarily large amount of underlying assets,” the post read.
“What we know so far – attacker used $61 million in BNB to overcome the pools via a[n] as yet unknown economic exploit path to remove roughly $3 million in funds from the pools,” according to the official Twitter account of Spartan Protocol, which first reported the incident around 12:21 AM UTC May 2.
According to Spartan Protocol’s official website, the decentralized finance (DeFi) liquidity platform “provides community-governed and programmable token emissions functions to incentivize the formation of deep liquidity pools.”
The attack came just a few days after Binance Smart Chain’s DeFi exchange Uranium Finance lost more than $50 million in exploit on April 28 from a similar attack.
The attack on Spartan Protocol makes it the sixth biggest monetary exploit in DeFi history, according to Rekt, after EasyFi’s $59 million, Uranium Finance’s $57.2 million, Kucoin’s $45 million, Alpha Finance’s $37.5 million and Meerkat Finance’s $32 million.