Decentralised Exchange ‘Osmosis’ Goes Offline After $5 Million Hack

The Osmosis decentralised exchange (DEX) has gone offline due to a US$5 million liquidity pool exploit. Core developers halted the network after a bug was uncovered by an Osmosis subreddit community member:

Network Suspended for ‘Emergency Maintenance’

Reddit user Straight-Hat3855 discovered the bug in the blockchain and shared it on the ‘Cosmos Network’ – the Osmosis subreddit. Straight-Hat3855 happened on the bug when depositing funds into the liquidity pool and immediately withdrawing them. Upon withdrawal, the value of the funds had unintentionally increased by 50 percent.

At 10:57pm EST, Osmosis’ core developers announced that the chain had been “halted for emergency maintenance”, much to the frustration of users. This emergency stoppage took 12 minutes to coordinate following the discovery of the bug:

Osmosis has since posted an update stating that the liquidity pools were not completely drained. The Osmosis token (OSMO) has been down by 6.96 percent in the past 24 hours.

Hackers Target DEXes

This year has been fraught with assaults on decentralised exchanges. In March, German DEX Li.Finance had one of its smart contracts exploited in an assault that resulted in a US$600,000 combined loss of assets taken from 29 users. Luckily the issue was rectified with a quick turnaround, and the investors were reimbursed.

At the beginning of May, DEX Saddle Finance lost US$14 million to hackers. The automated market maker began working with Bitcoin security organisation BlockSec to locate the funds. However, at the time it was deemed highly unlikely that US$10 million of the $14 million stolen would be recovered.