$773 000 USD





"Visor Finance is a Uniswap based protocol that is specialized in NFT smart vaults for liquidity provisioning. It predicts the DeFi ecosystem where market conditions can unlock liquidity from networks of independent smart vaults."


"Visor allows DeFi participants to utilize NFT Smart Vaults for liquidity provisioning and active liquidity management on Uniswap v3." "Visor's community is thousands strong and is distributed across a variety of channels."


"As @uniswap v3 makes liquidity provision more complicated for the common man, @VisorFinance allows you to compete with professional liquidity providers by pooling people's liquidity together and dynamically concentrating it around price to maximize returns for you."


"On Thursday, Nov 25th 1:18pm UTC an economic attack was carried out on Visor's OHM-ETH 1% LP management contract by a malicious contract. Users' funds were secured in full and deposit caps were lowered to put a hold on new deposits until a deposit proxy is deployed into production."


"Hello, one of DeFi's oldest exploits - Trusting spot price of a DEX." "The underlying issue is their reliance on spot prices for issuing shares. The spot price can be manipulated." "Price manipulation is a classic economic exploit. Visor relied on floating deposit caps and total supply caps to mitigate this possibility by prohibiting large single-sided deposits and large shares of LP tokens to be minted at once." "While this has been sufficient for pools like WBTC-ETH 0.3% where liquidity distribution is deep and symmetric, it can only go so far at safeguarding pools offering steep gradient opportunities for (relatively) cheap tick traversal."


"Everyone is thirsty for drama, here are the facts: No funds at risk, all users are safe. No smart contract bug. No operational security exploit. It was Uniswap v3 economic arbitrage. The arbitrage resulted in minor treasury assets lost for Visor and in test positions." "This process was repeated in 2 additional instances, with diminishing returns until the profitable liquidity gradient was exhausted." "It is interesting to note that a potential second attacker, what appears to be a generalized MEV bot, conducted a similar attack in between the second and third instances of the attack, in block 1368725."


"Visor’s test hypervisors without the usual individual and global caps function as bounties for arbitragers to exploit positions. This has only strengthened our conviction in the current safeguards and necessary restrictions at the contract level on public and private hypervisors."


"While we cannot see the contract code, it is easy to understand that the attack vector relied on large swaps to manipulate the Uniswap V3 pool's current price. Given the steep gradient in the liquidity distribution of this pair, we see that it is an attractive candidate for price manipulation, as after an initial threshold where liquidity is highly concentrated, impacting the price requires a relatively small amount of assets."


"Due to the composable nature of Visor's management contracts, deposit proxies can be deployed and permissioned as gatekeepers. Varieties of these proxies have been used consistently in the past when deposit restrictions were desired."


"The team will be deploying such a proxy into production in the coming days and resume deposits."


"User funds were lost in the first incident but will be reimbursed. The rest of the pools were apparently test pools with only team funds (100k+)."

A Visor Finance liquidity pool was hit by an arbitrage attack that drained at least $773k of funds. The team has promised upgrades to the smart contract hot wallet, and all funds will be reimbursed.
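The quoted analyses attribute the loss to issuing shares at a manipulable spot price and name deposit proxies as the planned gatekeeper. The Python model below is an added example, not Visor's contract code (which the quoted analysis notes was not visible). The vault arithmetic, the time-weighted average price (TWAP) check, the 2% tolerance and all sample numbers are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass
class Vault:
    """Toy vault holding token0/token1; prices are token1 per token0."""
    total0: float
    total1: float
    total_shares: float

    def shares_for(self, amount0: float, amount1: float, price: float) -> float:
        # Pro-rata mint: deposit value over vault value, both valued at `price`.
        deposit_value = amount0 * price + amount1
        vault_value = self.total0 * price + self.total1
        return self.total_shares * deposit_value / vault_value

def twap(observations):
    """Time-weighted average over (price, seconds_at_price) pairs."""
    elapsed = sum(secs for _, secs in observations)
    return sum(price * secs for price, secs in observations) / elapsed

class DepositProxy:
    """Gatekeeper in front of the vault: rejects deposits while spot is off the TWAP."""
    def __init__(self, vault: Vault, max_deviation: float = 0.02):
        self.vault = vault
        self.max_deviation = max_deviation  # assumed 2% tolerance

    def deposit(self, amount0, amount1, spot, observations) -> float:
        reference = twap(observations)
        deviation = abs(spot - reference) / reference
        if deviation > self.max_deviation:
            raise ValueError(f"spot is {deviation:.0%} off TWAP, deposit rejected")
        # Shares are priced at the averaged reference, never at raw spot.
        shares = self.vault.shares_for(amount0, amount1, reference)
        self.vault.total0 += amount0
        self.vault.total1 += amount1
        self.vault.total_shares += shares
        return shares

# Constructed sample data: fair price 1000; SKEWED has spot at 2000 for the last 100 s.
CALM = [(1000.0, 1800)]
SKEWED = [(1000.0, 1700), (2000.0, 100)]

def new_vault() -> Vault:
    return Vault(total0=100.0, total1=100_000.0, total_shares=1000.0)

if __name__ == "__main__":
    v = new_vault()
    print("mint at fair price:", v.shares_for(10, 0, 1000.0))
    print("mint at skewed spot:", round(v.shares_for(10, 0, 2000.0), 2))
    print("mint via proxy:", DepositProxy(new_vault()).deposit(10, 0, 1005.0, CALM))
```

In this model the same single-sided deposit receives about a third more shares when valued at the skewed spot price, which dilutes existing holders; the proxy refuses that deposit because spot sits far from the averaged reference.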


© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.