Euler Finance suffered a $200 million flash loan attack due to a smart contract vulnerability.
Euler Finance suffers a flash loan attack, resulting in losses of nearly 200 million dollars.
On March 13, 2023, the Euler Finance project suffered a flash loan attack due to a vulnerability in its smart contract, resulting in a loss of approximately $197 million. The attacker exploited the lack of liquidity checks in the donateToReserves function of the contract to obtain substantial profits through multiple operations.
Attack Process Analysis
The attacker first borrowed 30 million DAI from a lending platform through a flash loan and deployed two contracts: a lending contract and a liquidation contract.
The attacker staked 20 million of the borrowed DAI into the Euler Protocol contract to obtain approximately 19.5 million eDAI.
Using the 10x leverage feature of the Euler Protocol, the attacker borrowed 195.6 million eDAI and 200 million dDAI.
The remaining 10 million DAI was used to repay part of the debt and burn the corresponding dDAI, after which the attacker borrowed the same amount of eDAI and dDAI again.
The attacker called the donateToReserves function to donate 100 million eDAI, then liquidated the position through the liquidate function to obtain 310 million dDAI and 250 million eDAI.
Finally, the attacker withdrew 38.9 million DAI and repaid the 30 million DAI flash loan, netting approximately 8.87 million DAI.
Cause of Vulnerability
The main reason for the success of the attack is that the donateToReserves function lacks the necessary liquidity checks. Unlike other key functions (such as mint), donateToReserves does not call the checkLiquidity function to validate the user's liquidity status. This allows the attacker to manipulate their own account into a state that can be liquidated and profit from it.
Under normal circumstances, the checkLiquidity function calls the RiskManager module to ensure that the user's eToken amount is greater than the dToken amount, in order to maintain the health of the account. However, the donateToReserves function skips this critical step, so an account can end the call with more debt than collateral, which creates an opportunity for an attack.
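The missing check described above, shown as a simplified Python model. This is an added example, not Euler's contract code: ToyMarket, Account, the healthy() rule and the amounts are illustrative assumptions, and only the idea that donateToReserves skips the liquidity check that mint performs comes from the article.

```python
from dataclasses import dataclass, replace

class InsufficientLiquidity(Exception):
    """The operation would leave the account with debt above collateral."""

@dataclass(frozen=True)
class Account:
    etoken: int = 0  # collateral claim (eDAI in the article)
    dtoken: int = 0  # debt (dDAI in the article)

    def healthy(self):
        # Simplified form of the rule the article attributes to checkLiquidity.
        return self.dtoken == 0 or self.etoken > self.dtoken

class ToyMarket:
    def __init__(self, check_on_donate):
        self.check_on_donate = check_on_donate
        self.reserves = 0
        self.accounts = {}

    def _commit(self, user, new_state, check=True):
        # Models a revert: the new state is stored only if the check passes.
        if check and not new_state.healthy():
            raise InsufficientLiquidity(user)
        self.accounts[user] = new_state

    def deposit(self, user, amount):
        acct = self.accounts.get(user, Account())
        self._commit(user, replace(acct, etoken=acct.etoken + amount))

    def mint(self, user, amount):
        # Leveraged mint: collateral and debt grow together, then the check runs.
        acct = self.accounts[user]
        self._commit(user, replace(acct, etoken=acct.etoken + amount,
                                   dtoken=acct.dtoken + amount))

    def donate_to_reserves(self, user, amount):
        acct = self.accounts[user]
        if amount > acct.etoken:
            raise ValueError("donation exceeds balance")
        # The flaw: collateral drops, but the check is skipped when the flag is off.
        self._commit(user, replace(acct, etoken=acct.etoken - amount),
                     check=self.check_on_donate)
        self.reserves += amount

def run(check_on_donate):
    m = ToyMarket(check_on_donate)
    m.deposit("user", 20)   # constructed amounts, not the real figures
    m.mint("user", 200)
    try:
        m.donate_to_reserves("user", 100)
        outcome = "accepted"
    except InsufficientLiquidity:
        outcome = "rejected"
    return outcome, m.accounts["user"].healthy()
```

With the check disabled the donation is accepted and the account ends up unhealthy; with it enabled the call is rejected and the account state is unchanged.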
Lessons and Suggestions
This incident once again highlights the importance of security audits for smart contracts. For lending projects, special attention should be paid to the following aspects:
The project team should conduct a comprehensive and rigorous security audit before the contract goes live to ensure the safety and stability of the contract. At the same time, continuous security monitoring and timely vulnerability remediation are also indispensable.
With the rapid development of decentralized finance, similar security incidents may continue to arise. Developers and project teams need to remain vigilant, continuously learn and improve, in order to build a more secure and reliable blockchain ecosystem.