Geist Finance, a prominent lending protocol operating on the Fantom network, has announced its permanent shutdown due to substantial losses resulting from the Multichain exploit. This devastating incident has not only impacted Geist’s operations but has also brought to light critical vulnerabilities in the security infrastructure of the Multichain network. In this article, we delve into the series of events that led to Geist’s closure, exploring the pause and resumption of contracts, issues with oracles, the Multichain hack, storage mishaps, and a fee-based attack.
Geist Finance paused its contracts on July 6 after vulnerabilities related to the Multichain exploit were discovered. This responsible decision was made to mitigate further damage. The contracts were eventually resumed on July 9, but only in a “withdraw and repay only” mode. This precautionary measure aimed to limit potential losses and protect users’ assets while the situation was being assessed and addressed.
Geist Overview
Before the Multichain hack, Geist Finance boasted considerable success as a lending protocol, with over $29 million worth of assets locked in its contracts. Operating on the Fantom network, Geist offered users an avenue to lend and borrow assets, providing an essential service to the decentralized finance (DeFi) community.
Issues with Oracles
One of the critical factors that contributed to Geist’s downfall was the sudden failure of its oracles. These oracles, which provide reliable information for price feeds and other critical data, ceased producing accurate results. It became apparent that the values assigned to the non-bridged versions of each coin were listed at more than four times their Multichain derivatives. This discrepancy made it impossible to re-enable lending, as doing so would potentially result in significant bad debts for holders of non-Multichain coins.
Inability to Reactivate Lending
Considering the disproportionate valuation attributed to non-Multichain coins, Geist Finance faced the challenging reality of being unable to reactivate lending services. The potential for accumulated bad debt would have severely impacted the platform’s users and further compromised the already fragile financial state of Geist Finance. Ultimately, making the decision to continue lending was an untenable risk.
No Blame on Chainlink Oracles
In clarifying the reasons behind Geist Finance’s closure, the development team explicitly stated that they did not hold Chainlink oracles responsible. The oracles performed as intended and fulfilled their role faithfully. Instead, they attributed the blame solely to Multichain, highlighting its negligent handling of security and key storage, which resulted in the devastating exploit.
Multichain Hack and Withdrawals
Blockchain analytics experts were quick to detect a significant hack within the Multichain network, reporting the incident on July 7th. The breach resulted in over $100 million being withdrawn from the Ethereum side of Multichain bridges. This incident not only exposed the vulnerability of the network itself but also cast a shadow of concern across the entire DeFi industry.
Confirmation of Hack
On July 14, the Multichain team confirmed that the substantial withdrawals made on July 7 were indeed a direct result of a hack. This revelation added weight to the severity of the situation and served as confirmation that Multichain’s security measures had fallen short.
Storage of Private Keys and CEO’s Arrest
Further investigation traced the root cause of the exploit to Multichain’s storage practices. All shards of Multichain’s private keys were kept in a cloud server account solely controlled by the team’s CEO. Unfortunately, this single point of failure led to disaster when the CEO was arrested by Chinese authorities. The arrest removed any possibility of immediate intervention to prevent or mitigate the unfolding crisis.
Fee-Based Attack as a Counter-Exploit
Adding to the already convoluted situation, it was revealed that the July 11 fee-based attack was initiated by the CEO’s sister at the behest of the Multichain team. This move aimed to counter-exploit the situation in an attempt to recover funds lost during the initial hack. The complicated web of events further underscored the mismanagement and questionable actions taken by those affiliated with Multichain.
Geist Finance’s permanent closure serves as a cautionary tale, shedding light on the fragilities and vulnerabilities within the DeFi space. The Multichain exploit and subsequent chain of events have exposed the urgent need for stronger security practices and decentralized protocols. As the industry evolves, it is crucial for projects to prioritize comprehensive security measures, including decentralized key storage and robust auditing processes. Only through such measures can the trust and integrity of DeFi protocols be restored, and the industry can continue to grow and innovate with confidence.