In recent days, the Binance Smart Chain network has been a hotspot for flash loan attacks. There have been multiple attacks on popular liquidity protocols like PancakeBunny and Bogged Finance, resulting in losses worth millions of dollars. The latest victim has been Belt Finance, another BSC-based lending protocol that lost $6.3 million in a series of transactions that manipulated the system.
Belt Finance Shares Compensation Plan
The Rekt Blog, in a post mortem on the exploit, referred to it as “another notch in the now-famous flash loan exploit season on the BSC.”
However, the project has announced a compensation plan, which is intended especially for users who had funds in the 4Belt pool or beltBUSD vault, both of which were targeted by the attack. BELT token holders would also be compensated since its price dumped 54% following the attack.
“The price of the BELT token is a direct reflection of the value of Belt Finance as a protocol, and while BELT may not be a part of our 4Belt pool, it is representative of the faith our users have vested in us.”
The ﬁrst phase in the compensation plan is to take a snapshot of the 4Belt pool and 4BELT token holder addresses. They will receive remedy4BELT (r4BELT) tokens in proportion to their pre-attack holdings.
According to the blog, these new tokens can be utilized to acquire further compensation over time. Users will need to deposit new tokens alongside existing ones on PancakeSwap in order to get liquidity provider tokens, which must then be staked back into the network, implying that compensation must be effectively earned.
It was also indicated that 67 percent of the team’s unlocked allocation would be transferred to r4BELT compensation, equating to 864 tokens every day. In addition, the team will also donate $3 million USD to establish a new BELT buyback fund. PancakeSwap’s initial public offering will raise $1.5 million.
The attack on Belt Finance caused losses of over six million dollars. The attacker leveraged Pancakeswap to carry out its plan, manipulating its belt/BUSD pool, a protocol-wide stable coin, and profiting from its inefficiency. According to the Belt Finance team’s post mortem analysis, the attackers exploited this vulnerability eight times before it was spotted.
Belt Finance’s team promptly halted withdrawals and deposits to the impacted pools, claiming that the attack vector had been addressed following the attack.