- ETH/USD is sliding down amid technical correction on the market.
- Ethereum registered a strong growth of trading volumes in recent days.
ETH, the second-largest digital asset with the current market value of $29 billion, hit the highest level of 2020 at $277.39 on February 13. By the time of writing the coin has retreated to $261.40 amid technical correction on the cryptocurrency market. ETH/USD has lost nearly 2% in recent 24 hours and stayed mostly unchanged since the beginning of the day.
ETH trading volumes on the rise
Apart from the spectacular price increase, ETH registered a strong growth of trading volumes. Ethereum’s average daily trading volume jumped above $25 billion from $16 billion at the beginning of the week, while an average transaction size retreated to $1,000 according to the data provided by Intotheblock.
According to Skew Analytics, ETH had the most active session of the year on February 12 as the volume traded on BitMEX, Huobi & OKEx exceeded $1 billion.
ETH/USD: Technical picture implies further downside correction
On a 1-hour chart, ETH/USD moved below SMA50. This line located under $265.00 now serves as an initial resistance that needs to be taken out. Once this happens, the recovery may be extended towards psychological $270.00, followed by the upper line of 1-hour Bollinger Band on approach to $271.00. A sustainable move above this barrier will bring the recent high above $277.00 back into focus.
On the downside, the initial support is created by $260.00. If it is broken, the downside is likely to gain traction with the next focus on $252 ( the middle line of 4-hour Bollinger Band) and psychological $250.00. SMA200 1-hour at $245.50 should stop the sell-off and attract new buyers to the market.
ETH/USD 1-hour chart
DeFi Project bZx Exploited for Second Time in a Week, Loses $630K in Ether
Bad actors have made off with $630,000-worth of the ether (ETH) cryptocurrency after exploiting a price feed of the ethereum-based lending project bZx.
The attack – the second in less than a week – began at just after 03:00 UTC Tuesday, when attackers apparently took out a flash loan of 7,500 ETH (approximately US$1.98 million), using 3,518 ETH (~$939,300) to purchase synthetic USD stablecoin sUSD from the issuer, which they then posted as collateral for a bZx loan, according to an analyst on Twitter.
They then used 900 ETH (~$240,000) to bid up the value of sUSD through an integrated price feed from liquidity provider Kyber Network until the dollar stablecoin spiked at $2. Using this inflated collateral, they took out another loan of 6,796 ETH (roughly $1.8 million) that was used to pay back the original 7,500 ETH loan, pocketing the remaining 2,378 ETH.
The total amount stolen is worth approximately $633,000, according to CoinDesk’s Ether Price Index. In its entirety, the attack took just over a minute from beginning to end. The exploiters have left an open loan with half the required collateral now that sUSD has returned to its dollar pegging.
The total amount of ether locked in bZx lending contracts has nearly halved from 40,000 ETH (~$10.7 million) to 23,000 ETH (~$6.1 million) since the exploit took place, according to statistics site DeFi Pulse.
The official Twitter account for bZx confirmed at 04:38 UTC the project had suspended trading after it detected “suspicious transactions using flash loans and trading on Synthetix.” A bZx spokesperson confirmed on the group’s Telegram channel the company itself, rather than any of the platform’s users, would cover the shortfall.
The attack comes days after bZx fell victim to a similar flash loan-based attack where more than $350,000-worth of cryptocurrencies were extracted from the platform. It’s unclear whether the two attacks were carried out by the same person or group.
What are flash loans?
The vast majority of DeFi lending facilities rely on overcollateralized loans: Borrowers can usually only borrow around 75 percent of the value of their collateral. Although that incentivizes users to pay back loans, it also requires lenders to have very high liquidity – sometimes in a diverse range of assets – in order to quickly liquidate loans.
Flash loans are instruments that allow traders to liquidate the loans on the lender’s behalf. It works by having the trader take a loan out from the lender – this time not posting any collateral – then paying back the borrower’s debt and collecting the deposit. Using the deposit they can pay back the original loan and pocket the remaining funds.
Flash loans were already available on other DeFi projects such as the non-custodial lending platform Aave Protocol, which has offered them since the beginning of the year.
bZx only launched its own flash loan instruments on Monday. CEO Tom Bean defended the decision to introduce flash loans onto the platform. “By all accounts, the flash loan code on bZx was not what allowed this attack. It was just a tool used that functioned correctly and could have been swapped out for dydx and Aave flash loans,” he wrote on the company’s Telegram channel.
Kyle Kistner, bZx’s chief visionary officer and operations lead, confirmed, also on Telegram, the flash loan hack was “completely tractable.” He highlighted that bZx would accelerate plans to integrate Chainlink to diversify price feeds and prevent oracle manipulations from happening again.
A representative for bZx told CoinDesk the team was trying to resolve the exploit with its team of engineers. Bean and Kistner did not immediately return calls for comment.
Ethereum should consolidate position above $300 by mid-March
Over the past four days, Ethereum has recorded significant price volatility. After registering a significant dump of around 18 percent over 15-16 February, the market’s 2nd largest crypto-asset jumped right back above the $270 mark. Over the past 24 hours, Ethereum had recorded a positive turn around of 8.01 percent, with a market cap of over $30 billion.
Source: ETH/USD on TradingView
On observing Ethereum’s 1-day chart, it can be identified that the surge on 30 January was a bullish breakout that surfaced due to the formation of a long-term cup and handle pattern. The pattern started developing towards the end of November 2019 and took shape over the last 3 months.
After the spike on 30 January, Ethereum inevitability breached past its key resistance at $229 (i.e acting support, at present) and the token has since, managed to consolidate over the $250 mark. The aforementioned correction on 15 February did bring it below $250 for 24 hours, but the price bounced right back.
At press time, the bullish momentum was picking up pace again. Hence, there is a possibility that ETH may cross $300 over the next few days. However, it would be short-lived.
A minor correction down to $251 would allow the token to successfully head towards the $303 resistance by mid-March and consolidate above the range for a longer period of time.
However, according to the VPVR indicator, trading volume at $229 has been strong over the past six months and repeated corrections from 15 February may allow retracement down till the $229 support.
Ethereum/Bitcoin 1-hour chart
Source: ETH/BTC on TradingView
However, on observing the ETH/BTC 1-hour chart, a re-test down to $229 seems less likely for Ethereum. According to the chart, an inverted head and shoulder pattern had been breached at press time, which suggested that the 2nd largest asset is primed for another bullish surge. A breakout after a head and shoulder is heavily bullish, something that improves the probability of Ethereum crossing $300 in the short-term. Concerns about another bearish pullback will remain after the bullish momentum faces timely exhaustion over the next few weeks.
It is possible Ethereum may breach the $300 mark resistance over the next few days, but a quick retracement will follow that. After a pullback, the token should consolidate between $251-$279, before eventually marching past $303 by mid-march.
Almost $1 Million Of ETH Compromised Following Two Attacks On DeFi Protocol bZx
The space of Decentralized Finance (DeFi) took a serious hit in the past week as decentralized lending protocol went through two subsequent attacks. The compromised funds amount to a little less than $1 million.
The First Attack On bZx – February 14th
The first attack happened on block 9484588, timestamped February 15th, according to the official report from bZx. Per the document, the attack was launched on Valentine’s day on February 14th during ETHDenver. At that time, bZx’s team has been out attending the event.
The attacker took advantage of a few DeFi protocols to lend and swap a substantial amount of ETH and wrapped Bitcoin (wBTC). The latter represents a token launched on Ethereum’s network, tracking the price of Bitcoin. This allowed the perpetrator to manipulate the prices and to profit off of decentralized leveraged trade.
First, the attacker borrowed 10,000 ETH from dYdX – a decentralized lending protocol. He then used 5,500 ETH to collateralize a loan for 112 wBTC on Compound – another lending protocol. After that, he spent 1,300 ETH to open a 5x leveraged ETH/BTC short position on the Fulcrum trading platform of bZx, while also borrowing 5,637 ETH through Kyber’s. This amount he swapped for 51 wBTC, causing a serious slippage.
This allowed the perpetrator to profit from swapping the 112 wBTC from Compound to 6,671 ETH and generate an income of 1,193 ETH. That’s roughly around $318,000. At the end of it all, the attacker paid back the 10,00 ETH loan on the dYdX protocol that he had taken before.You Might Also Like:
- IOTA Releases Safe Version of Trinity Desktop But Mainnet Remains Suspended
- IOTA Halts Network While Investigating Trinity Wallet Fund Thefts
- 260% Surge In DeFi-Locked Value In A Year: $1 Billion Already In
The Second Attack – February 18th, Details Pending
The bZx team has also officially confirmed the second attack.
Per the official disclosure, the attacker managed to extract a net profit from the system of around $600,000, bringing the losses up to more than $900,000 worth of ETH. However, the mechanism of the second attack was completely different than the first one.
The issue at hand had a lot to do with oracle manipulation. Oracles typically represent centralized components that provide external information to on-chain apps.
In light of the above, the bZx team has also stated that they are working closely with Chainlink, as well as with other oracle providers to “create a more robust oracle and reduce the surface area of attacks against our protocol.”
Purportedly, the team managed to delay the realization of the profits from the second attack and stated that they “believe the system can recover from this.”
More Security Audits And Research Is Vital, Says The CEO of Aave
CryptoPotato managed to get the opinion of Stani Kulechov, CEO at Aave – an open-source DeFi Protocol.
Explaining the attack in simpler words, he said that a “flash loan was used to get capital without owning it. The attack was possible without a flash loan as well if the person would have such a big amount of cryptocurrency in possession. Flash Loans are testing the waters of DeFi. Every DeFi protocol needs to mitigate the risks that flash loans can create. They are not bad as they can be used to create innovative products such as collateral swaps that we’re building on top of Aave Flash Loans.”
He also outlined that every line of code presents a risk that needs to be mitigated.
More security audits and research is vital. Risk should be properly assessed before deploying new protocols.