Decentralized exchange QuickSwap is closing its lending market after one of its lending pools Market XYZ fell victim to an on-chain exploit.

Photo by Muha Ajjan on Unsplash

On Oct. 24, blockchain security firm PeckShield alerted users to a flash loan attack on Market. The exploiter manipulated the price of miMATIC – an algorithmic stablecoin collateralized with MATIC tokens – due to a vulnerability in the Curve Oracle. 

The attacker managed to steal $220,000 worth of crypto in the exploit, which had been deposited by the Qi Dao protocol (the protocol behind miMATIC) and no user funds were compromised. QuickSwap said it has been “strongly encouraging” Market XYZ to compensate Qi Dao for its losses.

QuickSwap noted that only the Market XYZ lending market was compromised, while the main decentralized exchange’s smart contracts were unaffected.

 “We are encouraging users with funds deposited in Market xyz’s open markets on QuickSwap to withdraw them now, as we are in the process of closing them down,” stated the team.

Qi Dao also took to Twitter to clarify that the exploit on Market XYZ was completely unrelated to its own smart contracts, sharing details of its risk management process. Qi Dao said it exclusively uses Chainlink oracles to price its collateral assets, which ensures the value backing its algorithmic stablecoin is not manipulated. 

Meanwhile, some blockchain developers claimed that they reached out to the Market team to inform them of the threat several hours before the exploit, but no action was taken.