DeFi Analysts on How to Mitigate Risks Like the Double-Spend on Opyn Network

By Nivesh Rustgi
Published August 5, 2020 Updated August 8, 2020

A vulnerability in the Opyn DeFi contract allowed hackers to steal up to 371,260 USDC. The put oTokens (oETH) from Uniswap on Opyn had a flaw that allowed ‘double spending’ of value.

Tim Ismilyaev, CEO and Founder at Mana Security, explained the hack to us in layman's terms:

In one of the transactions, the attacker sent 75 ETH and got 150 ETH equivalent in USDC.

The smart contract responsible for the operation had two “vaults”, which contained enough assets to pay the collateral. But after sending 24,750 USDC (e.g., 75 ETH), the contract didn’t burn the attacker’s balance, so after switching to the next vault, it assumed that the attacker should get another 24,750 USDC. That’s commonly called “double spend.”
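The accounting flaw described in the quote above, as a simplified Python model added here for illustration; it is not Opyn's contract code. The class and function names are hypothetical, and the rate of 330 USDC per ETH is derived from the article's figure of 24,750 USDC for 75 ETH.

```python
from dataclasses import dataclass

USDC_PER_ETH = 330  # derived from the article's figures: 24,750 USDC for 75 ETH


@dataclass
class Vault:
    collateral_usdc: int


class PutPool:
    """Toy pool (hypothetical): one ETH deposit is exercised against a list of vaults."""

    def __init__(self, collaterals):
        self.vaults = [Vault(c) for c in collaterals]

    def exercise_vulnerable(self, eth_sent, vault_ids):
        paid = 0
        for vid in vault_ids:
            # BUG: the full deposit is re-counted for every vault because the
            # caller's claim is never reduced ("burned") after a payout.
            owed = eth_sent * USDC_PER_ETH
            vault = self.vaults[vid]
            if vault.collateral_usdc < owed:
                raise ValueError("vault cannot cover payout")
            vault.collateral_usdc -= owed
            paid += owed
        return paid

    def exercise_fixed(self, eth_sent, vault_ids):
        if len(set(vault_ids)) != len(vault_ids):
            raise ValueError("duplicate vault id")
        claim = eth_sent * USDC_PER_ETH
        # Plan first so a failure changes no state (a contract would revert).
        remaining, plan = claim, []
        for vid in vault_ids:
            take = min(remaining, self.vaults[vid].collateral_usdc)
            plan.append((vid, take))
            remaining -= take  # burn the part of the claim already paid
        if remaining:
            raise ValueError("vaults cannot cover payout")
        for vid, take in plan:
            self.vaults[vid].collateral_usdc -= take
        paid = sum(take for _, take in plan)
        assert paid == claim  # invariant: total payout equals one deposit's claim
        return paid


def demo():
    """Return (vulnerable payout, fixed payout) for 75 ETH across two vaults."""
    bad = PutPool([24_750, 24_750]).exercise_vulnerable(75, [0, 1])
    good = PutPool([24_750, 24_750]).exercise_fixed(75, [0, 1])
    return bad, good
```

The fixed path tracks one shrinking claim across all vaults, so the total paid can never exceed what a single deposit is worth.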

The development team behind Opyn attempted to retrieve the funds using white-hat methods and by paying up to 20% extra on ETH prices. The co-founder of Opyn, Alexis Gauba, stated that they were working on a plan “to mitigate impact for ETH put sellers.” In a recent update on Twitter, the Opyn team notes:

We will be reimbursing ETH put sellers in full who were affected by the vulnerability. We will have more details re reimbursement process in the next 3 days

This is Just the Beginning

Although DeFi stands for Decentralized Finance, there is only a certain degree of decentralisation that can be implemented in these contracts. Moreover, Ismilyaev suggests that a step needs to be added before launching. He says:

… best practice for DeFi companies to prevent such issues is to conduct an external audit of their smart contracts before using them in the wild. But the vulnerable contract wasn’t audited in this way, which led to stolen assets.

Another prominent issue with decentralization is the ‘re-entrancy’ problem. This is very similar to what occurred with Opyn, where the interaction between two pools was flawed. Sami Tannir, DeFi analyst at Conflux, explained the problem to us:

a contract interacts with another contract, but the second contract chooses to call (or re-enter) the first contract and is able to achieve a goal that is different from the developer’s original intent.

Hence, despite the growth of the DeFi design, there is a possibility of loopholes being exploited and in some cases trust being broken. The role of centralized Financial Services entities in the future would be analysing and downplaying these risks.

How long do you think it will be before the DeFi ecosystem becomes ubiquitous? Please share your views with us.

