Research Summary
This report examines the early history of the Metis ecosystem, focusing on a multi-protocol exploit in April 2022. The Metis ecosystem, an Ethereum Layer 2 network, faced significant disruption due to a combination of a smart contract bug and economic weaknesses. The top lending protocol on Metis was compromised when an exploiter took advantage of a poorly set up treasury contract. This allowed the exploiter to control over half of a specific token supply, leading to a price manipulation attack on the lending platform. The aftermath resulted in about $8.4M worth of bad debt, causing both the treasury and lending platforms to shut down. This incident disrupted activities across the Metis network and impacted its growth.
Actionable Insights
- Enhance Security Measures: Implementing better smart contract audits and economic risk assessments can prevent similar exploits.
- Improve Collateral Management: Protocols should consider supply limits and collateral ratios that align with the risk profile of the tokens.
- Utilize Advanced Oracles: Using multiple price sources or sophisticated filters for price data can reduce vulnerability to manipulation.
- Implement Automated Detection Systems: Systems that detect unusual activity, such as outsized supply positions, can provide early warnings of potential issues.
- Reduce Dependency on Single Protocols: Diversifying reliance on lending protocols can minimize the damage to the ecosystem in the event of a loss.
