This Vulnerability Could Put Prime Protocol Users’ Funds at Risk
A security firm has reported a feature (or a bug) in cross-chain brokerage Prime Protocol that could jack up TVL and put users’ funds at risk.
While decentralized finance (DeFi) is often the victim of various hacks and thefts, open-source code also helps discover certain vulnerabilities.
A Vulnerability in Prime Protocol?
According to a security firm, Dilation Effect, a feature in Prime Protocol could put users’ funds at risk. The security firm claims that after users complete an approval operation, anyone can deposit their approved crypto into the protocol’s loan pools.
Source: Twitter
While it is not a critical bug, it might get misused to jack up the total value locked (TVL) of the DeFi protocol. According to DefiLlama, the TVL of Prime Protocol stands at $1.3 million.
If there is an attack on the platform, apart from TVL, the additional users’ funds are also at risk. This is because the hackers can deposit the approved crypto into the loan pool and steal away the additional funds.
According to the official website, security firms Veridise and Ackee Blockchain have audited Prime Protocol’s security.
Community members are looking for clarification on the matter. BeInCrypto has reached out to Prime Protocol but has yet to hear back.