Geist Finance Shuts Down Permanently After Multichain Exploit: A Detailed Account

Geist Finance, a prominent lending protocol operating on the Fantom network, has announced its permanent shutdown due to substantial losses resulting from the Multichain exploit. This devastating incident has not only impacted Geist’s operations but has also brought to light critical vulnerabilities in the security infrastructure of the Multichain network. In this article, we delve into the series of events that led to Geist’s closure, exploring the pause and resumption of contracts, issues with oracles, the Multichain hack, storage mishaps, and a fee-based attack.

Geist Finance paused its contracts on July 6 after vulnerabilities related to the Multichain exploit were discovered. This responsible decision was made to mitigate further damage. The contracts were eventually resumed on July 9, but only in a “withdraw and repay only” mode. This precautionary measure aimed to limit potential losses and protect users’ assets while the situation was being assessed and addressed.

Geist Overview

Before the Multichain hack, Geist Finance boasted considerable success as a lending protocol, with over $29 million worth of assets locked in its contracts. Operating on the Fantom network, Geist offered users an avenue to lend and borrow assets, providing an essential service to the decentralized finance (DeFi) community.

Issues with Oracles

One of the critical factors that contributed to Geist’s downfall was the sudden failure of its oracles. These oracles, which provide reliable information for price feeds and other critical data, ceased producing accurate results. It became apparent that the values assigned to the non-bridged versions of each coin were listed at more than four times their Multichain derivatives. This discrepancy made it impossible to re-enable lending, as doing so would potentially result in significant bad debts for holders of non-Multichain coins.

Inability to Reactivate Lending

Considering the disproportionate valuation attributed to non-Multichain coins, Geist Finance faced the challenging reality of being unable to reactivate lending services. The potential for accumulated bad debt would have severely impacted the platform’s users and further compromised the already fragile financial state of Geist Finance. Ultimately, making the decision to continue lending was an untenable risk.

No Blame on Chainlink Oracles

In clarifying the reasons behind Geist Finance’s closure, the development team explicitly stated that they did not hold Chainlink oracles responsible. The oracles performed as intended and fulfilled their role faithfully. Instead, they attributed the blame solely to Multichain, highlighting its negligent handling of security and key storage, which resulted in the devastating exploit.

Multichain Hack and Withdrawals

Blockchain analytics experts were quick to detect a significant hack within the Multichain network, reporting the incident on July 7th. The breach resulted in over $100 million being withdrawn from the Ethereum side of Multichain bridges. This incident not only exposed the vulnerability of the network itself but also cast a shadow of concern across the entire DeFi industry.

Confirmation of Hack

On July 14, the Multichain team confirmed that the substantial withdrawals made on July 7 were indeed a direct result of a hack. This revelation added weight to the severity of the situation and served as confirmation that Multichain’s security measures had fallen short.

Storage of Private Keys and CEO’s Arrest

Further investigation traced the root cause of the exploit to Multichain’s storage practices. All shards of Multichain’s private keys were kept in a cloud server account solely controlled by the team’s CEO. Unfortunately, this single point of failure led to disaster when the CEO was arrested by Chinese authorities. The arrest removed any possibility of immediate intervention to prevent or mitigate the unfolding crisis.

Fee-Based Attack as a Counter-Exploit

Adding to the already convoluted situation, it was revealed that the July 11 fee-based attack was initiated by the CEO’s sister at the behest of the Multichain team. This move aimed to counter-exploit the situation in an attempt to recover funds lost during the initial hack. The complicated web of events further underscored the mismanagement and questionable actions taken by those affiliated with Multichain.

Geist Finance’s permanent closure serves as a cautionary tale, shedding light on the fragilities and vulnerabilities within the DeFi space. The Multichain exploit and subsequent chain of events have exposed the urgent need for stronger security practices and decentralized protocols. As the industry evolves, it is crucial for projects to prioritize comprehensive security measures, including decentralized key storage and robust auditing processes. Only through such measures can the trust and integrity of DeFi protocols be restored, and the industry can continue to grow and innovate with confidence.

Explore more

Ethereum Uses AI Swarms to Proactively Patch Network Flaws

The architectural integrity of global decentralized networks has reached a pivotal juncture where the speed of malicious exploitation often outpaces the traditional cadence of human-led security audits. To address this widening gap, The Ethereum Foundation has fundamentally transitioned its security strategy from a reactive model to an automated, proactive defense paradigm that leverages the power of machine learning. This shift

How Is ERP Modernization Driving DLA to Audit Readiness?

The Defense Logistics Agency currently manages an intricate global supply chain that serves as the backbone for the United States military, requiring an unprecedented level of financial precision and operational transparency to meet modern oversight requirements. This massive undertaking involves a transition from aging, siloed legacy systems to a unified Enterprise Resource Planning environment designed to provide real-time visibility into

What Makes Odyssey Infostealer a Global Threat to macOS?

The long-standing myth that macOS remains immune to sophisticated cyberattacks has been decisively shattered by the emergence of the Odyssey infostealer, a highly specialized malware variant engineered to bypass modern system integrity protections. This transition represents a fundamental shift in the threat landscape, where the historical security-by-obscurity advantage once enjoyed by Apple users has entirely vanished. As the adoption of

Can AI Secure Windows Without Compromising Stability?

The sheer scale of modern software development has reached a point where manual code review is no longer sufficient to protect the billions of devices running Windows across the globe. As lines of code multiply and interdependencies become more complex, traditional security measures are struggling to keep pace with the rapid evolution of sophisticated digital threats. In response to this

Xero Launches JAX to Redefine Accounting with Agentic AI

Small business owners have historically spent an exhausting amount of time tethered to spreadsheets and receipts, but the emergence of agentic AI is finally turning those static records into a living, breathing financial command center that operates with minimal human oversight. With more than five million global subscribers now integrated into its ecosystem, Xero is spearheading a movement toward Accountable