Eminence.Finance, the unfinished decentralized finance (DeFi) protocol by Yearn.Finance (YFI) founder Andre Cronje, was exploited Monday night.
Eminence is a card gaming protocol being developed by Cronje, who built the viral DeFi project YFI. YFI popularized the concept of yield aggregation — farming yield from different lending protocols and optimizing for the maximum yield. YFI then returns the collected yield to depositors.
Within days of its launch, YFI became famous and the price of its native governance token shot up. Its market capitalization has surged to $787 million at the time of writing, according to CoinGecko.
So when Cronje disclosed his another project Eminence, via retweets, yield farmers didn’t seem to want to miss a chance and ended up depositing $15 million in the unfinished project.
“Just aped into $EMN,” tweeted @ChainLinkGod, for instance. “I still have no idea what it does or what its purpose actually is, but hey if @AndreCronjeTech is involved, I’ll degen in any day of the week.”
Cronje said Eminence is at least three weeks away, which he disclosed only after the exploit took place. “Yesterday we finished the concept behind our new economy for a gaming multiverse. Eminence. As per my usual methodology, I deployed our staging contracts on ETH so we can continue developing on it,” he said.
Cronje deployed smart contracts for Eminence, with “burn” and “mint” possibilities, meaning users could deposit funds and mint Eminence’s native EMN token.
“Almost [$]15m was deposited into the contracts,” said Cronje. “The contracts were exploited for the full [$]15m and [$]8m was sent to my yearn: deployer account.”
Cronje termed the exploit as a “very simple one” — “mint a lot of EMN at the tight curve, burn the EMN for one of the other currencies, sell the currency for EMN.”
One trader, for instance, lost $130,000 in one hour. Here’s how EMN tank:
While traders are ultimately responsible for any loss of funds deposited into unfinished and unaudited protocols, Cronje’s actions, i.e., teasing about and retweeting Eminence’s project, could be held responsible, according to some members of the DeFi community.
“Andre deployed these contracts from the main ‘Yearn Deployer’ address. People watch his every move, every transaction. Why didn’t he use an alternative, non-followed address to deploy/test if these were indeed just ‘staging’ contracts?,” asked Mick Hagen, founder of Genesis Block.
“Just after he deploys the contracts, he starts RTing mysterious, FOMO-inducing teasers. The domain is theirs,” said Hagen. “It all checks out. The hype is building. This train is leaving the station. No turning back. Anything Andre touches turns to gold. Degen mode activated.”
Hagen said the situation could have been mitigated if Cronje didn’t induce “FOMO” (fear of missing out) by retweeting teasers of his new gaming protocol.
“Given some of the responses, let me be clear, do not use random contracts I deploy unless I reference it in a medium article,” said Cronje. “The contracts I deployed yesterday were purely for myself to engage with.”
It is not clear whether Cronje would issue new tokens to depositors who lost money when Eminence officially launches. The Block has reached out to Cronje and will update this story should we hear back.
© 2020 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Find the full article here