$174 000 USD





"Unfreeze Your Way to Wealth - Defrost Finance is the platform behind the next generation stablecoin and provides remunerative investment opportunities. A fully fair launch, decentralized project, its aim is to change the world of finance for good."


"A New Stablecoin Minted with LP Tokens - Backed by Liquidity Provisions tokens, H2O is the stablecoin of the future, maintaining a 1:1 peg to the US dollar at all times. It is safely overcollateralized and capable of powering any financial instrument."


"Defrost is a community-based project. Participants can deposit their assets in Liquidity Pools from swaps and mint H2O to acquire MELT, the platform’s governance token. This not only allows you to stake assets but gives you a seat at the table when decisions are made.


"Defrost finance was exploited on the 23rd december for 170k. Defrost Finance was audited by certik in November 2021."


"Defrost Finance is sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds.


The V1 is not affected. We will soon close the V2 UI and investigate further with our tech team.


Updates will be posted on our official channels."


"The total balance to be refunded to V1 users is 12,850,277 DAI.e."


"Defrost Finance’s “Defrost V1” and “Defrost V2” versions are being investigated for hacking. The hacker manipulated the LSWUSDC share price to the extent of almost $173,000 in profit. The Avalanche blockchain-based decentralized leveraged trading platform Defrost Finance revealed that both of its “Defrost V1” and “Defrost V2” versions are under investigation for hacking. Investors had reported losing their staked Defrost Finance (MELT) and Avalanche (AVAX) tokens from their MetaMask wallets when the announcement was made"


"A blockchain security company called Peckshield tweeted specifics about the attack on Friday. According to the company, the hacker took advantage of “the lack of a reentrancy lock” in the flashloan/deposit function of the DeFi protocol.


Reentrancy attacks happen when malicious parties take advantage of a flawed smart contract. The exploited smart contract sends money to a wallet address specified by the person who created the unauthorized smart contract via a malicious smart contract.


Defrost Finance team revealed that Defrost V2 had been targeted by a flash loan attack shortly after a few users voiced their concerns about the odd loss of funds. Defrost V1 was not thought to have been affected at the time. Thus, the platform chose to shut down V2 while it conducted additional research."


"According to blockchain researcher PeckShield, the hacker gained over $173,000 by manipulating the share price of LSWUSDC. After additional examination, PeckShield’s study showed:"


“Our analysis shows a fake collateral token is added, and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M.”


"The platform chose to [only] shut down Defrost V2 at the time because it thought the breach had not impacted Defrost V1."

Defrost Finance, the platform behind the stablecoin H2O, designed for remunerative investment opportunities, suffered a hack on its V2 version on December 23, 2021. The attacker exploited a flash loan function, withdrawing 170k and manipulating the LSWUSDC share price, resulting in almost $173,000 in profit. The V1 version remained unaffected, and the platform promptly closed the V2 UI for investigation. Despite being audited by CertiK in November 2021, the hack exposed a lack of reentrancy lock in the flashloan/deposit function. Defrost Finance assures updates will be communicated through official channels.

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.