Weekly RiskDAO report 27 Dec '22

All referenced data can be accessed directly on the Vesta dashboard by RiskDAO.


Last week, GMX was at the center of attention by on-chain sleuths over inconsistent reporting of GLP price and AUM. GMX was quick to deploy a fix which should close the price deviation and the team has been pointing out that this error was not exploited for profit. We were able to pinpoint the root cause of the issue and assess its effect on Vesta within 12 hours post the official announcement.

Over Christmas, Defrost Finance (a leveraged yield trading protocol on Avalanche) got exploited for $12m. The team says it got hacked and the attacker used flashloans to withdraw funds of v2. In a separate attack, the hacker stole owner keys for v1. However, security accounts like PeckShield found on-chain evidence that the team added a fake collateral token and a malicious oracle address in order to drain the pools. Certik also suggests it is an exit scam and so does DefiYieldSecurity.

Defrost Finance started offering a 20% bounty for the return of the funds. In a further twist of events, Defrost has announced they recovered the stolen v1 funds and will implement a reimbursement plan.

The Ankr hack that led to a major exploit of Helio Money (and depeg of $HAY stablecoin) in early December was orchestrated by a former Ankr employee.

Dashboard Highlights

The cap utilization of gOHM and sGLP is hovering around 78.8% and 84.3%, respectively.

The VAR for the worst day simulation stands at zero. Current MCRs are at recommended levels (ETH-Vault) or well above them (all other).

The weight of $VST in the VST-FRAX pool stays at 3:1 (VST:FRAX).

gOHM remains the #1 collateral asset accounting for $13.1m or 52% of total collateral base, followed by sGLP which stands at $8.6m (34% of total collateral).

Based on existing mint caps, the MCR for DPX is slightly below recommended levels. This should be monitored.

1 Like