Bug Exploiters

What is the list of addresses that were explicitly exploiting the bug by doing multiple join/exits, i.e. who were the attackers? What was the total dollar amount that was taken by the attackers? What amount of stolen assets in the attackers’ wallets remain on Osmosis?

Introduction

What is Osmosis?

Osmosis is a decentralized peer-to-peer blockchain that people can use to create liquidity and trade IBC enabled tokens. The Osmosis blockchain is made up of free, public, and open-source software.

What was the recent bug in Osmosis

On June 8th, a critical bug was found on Osmosis that led to the theft of several million dollars from liquidity pools. The bug gave liquidity providers double the amount of tokens they deposited when leaving the pool.

Methodology

We will look at the addresses what thave eploted the pools and how much the manged to take from the pools.
We are looking get a list of addresses that were explicitly exploiting the bug by doing multiple join/exits.

Bug Exploiters Metrics

Observation

It seems that about 5 addresses explicitly exploited the bug by doing multiple join/exits.
The address that exploited the bug did it between 14 and 75 times.

Conclusion

The 4 address above were responsible for the attack and took Assets worth over 6 Million OSMO.
98% of the assets that were stolen were taken by 2 addresses.

flipside