Bunni Suffers $8.4 Million Loss in Flash Loan Exploit

Bunni decentralized exchange lost $8.4 million after a flash loan exploit targeting a rounding flaw in its smart contract, prompting security fixes and cooperation with law enforcement.

194d ago

Summary

Bunni reported an $8.4 million loss after attackers exploited a rounding error in its smart contract during withdrawals. The flash loan attack manipulated liquidity and pricing across two pools, sharply reducing liquidity. Bunni has patched its rounding code, engaged law enforcement to track stolen funds, and offered a 10% reward for their recovery.

Terms & Concepts

Flash Loan: A type of uncollateralized loan in decentralized finance that must be borrowed and repaid within a single transaction block.
Smart Contract: Self-executing code on a blockchain that enforces agreements without intermediaries, often used in DeFi protocols.
Rounding Error: A flaw in numerical calculations within code that can cause unintended behavior, potentially creating exploitable vulnerabilities in blockchain systems.