Geist Finance, a prominent lending protocol operating on the Fantom network, has recently announced its permanent closure. This decision comes in the wake of significant losses incurred due to the Multichain exploit. In a social media post on July 14, the development team behind Geist Finance confirmed that they have no plans to reopen the platform’s lending and borrowing services.
It is disheartening to witness the demise of Geist Finance, especially considering the impressive $29 million worth of cryptocurrency assets that were locked in its contracts prior to the exploit. The lending protocol facilitated borrowing, lending, and the use of bridged tokens from the Multichain platform as collateral. These bridged tokens included popular cryptocurrencies such as USD Coin (USDC), Tether (USDT), Bitcoin (BTC), and Ether (ETH). Geist Finance heavily relied on Chainlink oracles to track the prices of these assets, which determined their collateral and loan values.
The recent social media post by Geist Finance shed light on the issues surrounding the Chainlink oracles. It appears that these oracles have ceased to provide reliable information. Instead of displaying the values of the Multichain derivatives, the oracles now present the values of the non-bridged, or “real,” versions of each coin. The real values of these coins are significantly higher than those of their Multichain counterparts. Geist Finance shared the unfortunate reality, stating, “Those assets are currently trading at around 22% of their real value.” This discrepancy makes it impossible for Geist Finance to resume lending activities without subjecting the holders of non-Multichain coins to bad debt.
The Multichain hack initially came to public attention on July 7 when blockchain analytics experts highlighted abnormal transactions. Over $100 million had been withdrawn from the Ethereum side of Multichain bridges, involving Dogechain, Fantom, and Moonriver. Although the Multichain team acknowledged the abnormality, they refrained from labeling it as a hack or exploit.
On July 11, an on-chain investigation specialist known as Spreek reported that an unidentified individual was draining funds from the protocol using a fee-based exploit. Subsequently, on July 14, the Multichain team confirmed the hack and revealed that the withdrawals made on July 7 were indeed a result of the breach.
The network’s private keys were stored in a cloud server account, with the team’s CEO having complete control over it. Shockingly, the team admitted that the CEO, subsequently apprehended by Chinese authorities, had stored all shards of the private keys in this single account, contrary to their own documentation, which explicitly stated that no single server had access to all the shards of a key. The hacker took advantage of this centralized storage and drained funds from the protocol.
Furthermore, the social media post on July 14 disclosed that the fee-based attack on July 11 was actually an attempt to counter-exploit initiated by the CEO’s sister under the Multichain team’s guidance. However, the CEO’s sister was also later arrested, leaving the condition of the retrieved assets uncertain.
With the closure of Geist Finance, the future of this lending protocol hangs in the balance. The devastating loss of millions of dollars, the inability to reimplement lending and borrowing services, and the uncertainty surrounding the recovered funds pose significant challenges for both the Fantom network and its users.
It is crucial to highlight that Geist Finance holds no grudges against Chainlink oracles, as they performed their intended functions. Instead, the blame falls solely on Multichain. Geist Finance explicitly stated, “@MultichainOrg here is to blame.”
The aftermath of this exploit leaves the cryptocurrency community eagerly awaiting any updates on developments and potential resolutions for the affected parties. It serves as a stark reminder of the vulnerabilities present in decentralized finance and the utmost importance of robust security measures to protect users’ funds.
The permanent closure of Geist Finance serves as a somber reminder of the potentially ruinous consequences that an exploit can have on a lending protocol. The massive losses incurred due to the Multichain hack, coupled with the inability to resume operations and uncertainty surrounding recovered funds, have dealt a severe blow to the Fantom network and its users. As the aftermath of this exploit continues to unfold, it is imperative that the cryptocurrency community reevaluates security measures and strives to enhance the resilience of decentralized finance platforms. Only through robust and efficient security protocols can users’ funds be safeguarded from malicious actors seeking to exploit vulnerabilities in the system.