Euler Finance has introduced a new credit system, Euler v2, almost 18 months after a devastating flash loan attack cost the platform millions. This updated version is designed to help users manage lending risks by offering a toolkit for creating and customizing ERC-4626 vaults.
The solution gives users the flexibility to choose between lending options that either isolate risk or group assets together and offer passive lending or fixed-rate vaults for more controlled investment. According to a protocol, Euler v2 has undergone thorough security checks, with over 12 cybersecurity firms conducting audits, resulting in 31 reports so far.
Additionally, the protocol offered a $1.25-million bug bounty after these audits, but the audits found no significant issues. In total, earlier statements indicate that they invested about $4 million in securing Euler before its relaunch.
Flash loan exploit and recovery
In Mar. 2023, Euler faced a major security breach when hackers exploited a vulnerability and made off with $195 million using a flash loan attack. However, the hacker eventually returned all the stolen funds. In a flash loan attack, the hacker takes out a massive, unsecured loan, manipulates the value of assets in one quick transaction, and profits from the brief price fluctuations before instantly paying back the loan.
In the Euler hack, the attacker used two accounts to exploit the system. With the first account, they borrowed from the platform and used a “donate” function to artificially lower the value of their collateral, causing a default. Then, using a second account, they liquidated the first account, taking advantage of Euler v1’s discounted liquidation process to gain more assets than they lost.
According to the DefiLlama report, the protocol currently holds $3.5 million in total value locked, with around $343,000 in borrowed funds. Over the years, the protocol has raised more than $40 million from various investors.