QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$661 000 USD
AUGUST 2022
GLOBAL
OPTIFI
DESCRIPTION OF EVENTS
"OptiFi is the first derivative DEX utilizing "Portfolio Margin" across all financial instruments with the same underlying asset.
We see there are three main problems with derivative DEXes: Lack of high performance blockchain infrastructure; Inefficient margining and collateral system designs; Not enough liquidity on the order book.
To combat these problems, OptiFi is built on Solana and Serum to offer low cost and high-speed execution.
Utilizes portfolio margin and partial liquidation to enhance capital efficiency, and offers the first ever on-chain options AMM with delta-neutral strategy to ensure continuous liquidity across all financial instruments on OptiFi.
Unlike typical margin requirements that set margins independent from each instrument, Portfolio Margin takes all instruments with the same underlying asset into account, and nets them against one another, creating lower margin requirements and offsets risks for the user."
"Derivatives-focused decentralized finance (DeFi) platform OptiFi accidentally closed its mainnet platform in a programming blunder, locking away $661,000 in USDC."
"On August 29, the company says one of its developers was trying to update the program on the Solana blockchain and accidentally used a command that shutting the whole thing down in one fell swoop."
"On 29th August around 06:00 UTC, we had an update to our Solana program code, so our deployer tried to upgrade the OptiFi program on Solana mainnet." "At 06:07 UTC - The command line was executed successfully and the OptiFi program was closed."
That means over half a million dollars worth of USDC are now "not recoverable at the moment of writing," according to the blog post.
"We sincerely apologize for a program incident leading to the sudden closure of the OptiFi mainnet program and we could not recover it," the company's blog post on the blunder reads. "We will compensate all users’ funds and prevent it from happening again."
"We promise that we will return all users’ deposits and settle all user positions manually according to Pyth oracle at 8 AM Sep 2nd UTC. All transactions and deposits will be based on Solscan. The estimated process time will be two weeks."
"In a tweet, OptiFi said that 95% of total value locked is from one of its team members, meaning that customer asset may equate to only $33,000."
"We didn’t realize that the program was closed permanently until the error above showed up. It’s basically saying that our deployed program has been closed and cannot be re-deployed, unless a new program id is used."
"Here it turned out that we didn’t really understand the impact and risk of this closing program command line. ‘solana program close’ is actually for closing the program permanently and sending the SOL tokens in the buffer account used by the program back to the recipient wallet."
"ALL the users’ margin accounts USDC tokens, option tokens, and AMMs USDC vaults are locked in where they are, because they are using PDAs, which are bound to optFiKjQpoQ3PvacwnFWaPUAqXCETMJSz2sz8HwPe9B."
"We suggest Solana officials add the warning regarding the irrecoverable result of closing a program in Solana Docs and Command-Line Interface (CLI) to help Solana devs understand the function."
OptiFi was a DEX service which sought to process more transactions, optimize the liquidation process, and enable more liquidity in markets. On August 29th, the developers made a mistake and permanently closed down their smart contract, with the entire market coming to an end and a reported $661k worth of funds being locked in the smart contract.
HOW COULD THIS HAVE BEEN PREVENTED?
The best prevention strategy surrounds the usage of multi-signature on all key decision points.
In addition, having a greater review of the smart contract would likely have identified that funds could be locked up permanently in the event of the protocol closing down.
Reddit - Dive into anything (Sep 2)
Crypto Dev Enters Wrong Command, Destroys Entire Company (Mar 27)
Solana-Based DeFi Protocol OptiFi Loses $661K in Programming Blunder (Mar 27)
Explorer | Solana (Mar 27)
Explorer | Solana (Mar 27)
@OptifiLabs Twitter (Mar 27)
@OptifiLabs Twitter (Mar 27)
OptiFi: TVL and Stats - DefiLlama (Mar 27)
OptiFi - a BIG leap forward in DeFi - YouTube (Mar 27)
https://web.archive.org/web/20220830225235/https://www.optifi.app/ (Mar 27)
Explained: The OptiFi Glitch (August 2022) (Mar 27)
Solana | OptiFi (Mar 27)
