The Meter Passport token bridge platform has incurred $4.4 million in losses due to a smart contract hack which also caused Hundred Finance to lose $3.3 million through under-collateralized loans.
Meter.io’s Meter Passport (MTRG) is a token bridge that is compatible with Ethereum and its sidechains. This attack affected the Moonriver side of the bridge.
Moonriver is a smart contract platform based on Polkadot’s Kusama network. Hundred Finance is a crypto lending platform based on the code for Compound Finance.
Starting at 2pm UTC on Feb. 5 and over the course of several transactions, about $4.4 million in Binance Coin (BNB) and wETH were minted through a “wrong trust assumption” in the code, according to a Feb. 6 statement from the Meter team. In this case, an arbitrary amount of ETH was deposited to Meter which the hacker used to mint tokens using the vulnerability.
The attack caused a cascade effect across the Kusama-based Moonriver ecosystem. After draining Meter of its BNB and wETH reserves, the attacker sold the BNB on SushiSwap, a popular decentralized exchange. This led to a 77% crash in the price of BNB on Moonriver at the time.
A number of opportunists then took advantage of the price dip by buying cheap BNB. They used the tokens as collateral on Hundred Finance in order to take out ETH, FRAX, and MIM loans. Due to the discrepancy in BNB price, however, their loans were worth more than the collateral they had provided, causing a supply crisis.
Amazingly, two of the loans were repaid, leaving an outstanding $3.3 million in losses to the Hundred protocol. The ETH loan was entirely returned. The Hundred team has attempted to reach out to the parties involved to ask that they return the BNB tokens used as collateral to Meter.
The Meter team has committed to reimbursing its community and Hundred Finance for losses incurred due to the hack. The team stated on Feb. 6 that it had set aside $4.4 million in MTRG tokens to cover initial losses.