-: FOLLOW US :- @theinsaneapp
The Platypus flash loan attack cost $8m and was caused by code in the wrong order.
-: FOLLOW US :- @theinsaneapp
The auditing company, Omniscia, conducted a post mortem report on the attack.
-: FOLLOW US :- @theinsaneapp
The problematic code was not present in the version that Omniscia saw.
-: FOLLOW US :- @theinsaneapp
The Platypus MasterPlatypusV4 contract had a fatal misconception in its emergencyWithdraw mechanism.
-: FOLLOW US :- @theinsaneapp
The emergencyWithdraw function's solvency check was performed before updating the LP tokens associated with the stake position.
-: FOLLOW US :- @theinsaneapp
The necessary elements to prevent an attack were present in the code for the emergencyWithdraw function.
-: FOLLOW US :- @theinsaneapp
However, these elements were written in the wrong order.
-: FOLLOW US :- @theinsaneapp
The report emphasized that the code order was the primary cause of the attack.
-: FOLLOW US :- @theinsaneapp
The attack was a flash loan attack.
-: FOLLOW US :- @theinsaneapp
The attack resulted in an $8m loss for Platypus.