PrismaLST
HackedDeFi · $PRISMA · born 2023 · ✝ 2024
Trove manipulation via flash loan cost it ~$11.6M.
Prisma Finance was a liquid-staking-backed stablecoin protocol on Ethereum. In 2024 an attacker used a flash loan to manipulate user troves through a flawed migration function, draining roughly $11.6M.
- Peak
- ~$11.6M stolen
- Cause
- Hacked
- Year of death
- 2024
☠️ Cause of death
A flash loan exploited a flaw in the trove migration logic, letting the attacker drain collateral from positions.
📓 Lessons left behind
- —Migration functions need the same scrutiny as core code.
- —Validate caller intent on every state-changing path.
- —Flash loans probe the seams between features.
🌱 The idea that survived
Migration audits
Highlighted auditing migration and helper functions as rigorously as core protocol logic.
#defi#flash-loan#stablecoin#lst