Let the Hack Be a Lesson for You: The Prisma Finance Intruder Makes Unusual Demands

The unique story of the Prisma Finance hack

On March 28, Prisma Finance faced a dire situation when multiple attackers exploited a vulnerability in its liquid staking protocol, draining about $11 million. One of the attackers claimed to be a "white-hat" hacker, a term for someone who breaks into systems to expose weaknesses rather than to profit from them, as opposed to "black-hat" hackers who exploit vulnerabilities for personal gain. This individual expressed a willingness to return the stolen funds, but their cooperation came with a set of unusual conditions.

The hacker asked that the Prisma Finance team hold an online press conference to publicly apologize to its users and investors, and to acknowledge the hacker's help in resolving the issue.

The hacker stated in an on-chain message:

"I hope this would help ppl be more careful participating in defi, the teams would be more responsible, and everyone would change their minds about things like this," 

They also suggested that the specifics of the funds' return would be negotiable, hinting that a significant portion would be returned once the conditions were met.

Community reaction and Prisma's response

The Prisma Finance community reacted with skepticism to the hacker's demands, especially since over $2.5 million in ether was sent to Tornado Cash, a blockchain mixing service used to obscure the origin of digital assets. Mixing stolen funds is hard to square with a white-hat claim, since a genuine white hat has no reason to hide where the money came from; the move casts doubt on the hacker's intentions and blurs the line between ethical hacking and plain theft.

Highlighting the community's wariness, a user on the Prisma Finance Discord server remarked:

"He's doing a 'trust me bro' with millions of dollars in [Tornado Cash],"

In response to the exploit, Prisma Finance paused the protocol to prevent further losses, then investigated and published a detailed post-mortem. The root cause was a lack of input validation in a smart contract function: the function acted on externally supplied parameters without checking them, which is what allowed the exploit. The team has made recovery of user funds its main objective and has promised to resume protocol operations only once it has confirmed the protocol is secure.
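To make the bug class concrete, here is an added illustration of what "lack of input validation in a smart contract function" typically looks like, with a vulnerable helper contract beside a hardened one. This is example code written for this article, not Prisma Finance's code, and the contract, interface and function names (`IVault`, `ZapVulnerable`, `ZapHardened`, `moveFunds`, `withdrawFor`) are invented for the illustration; nothing here describes the specific function Prisma's post-mortem identified.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical illustration of the "missing input validation" bug class.
// NOT Prisma Finance's code; every name below is invented.

interface IVault {
    function withdrawFor(address owner, uint256 amount) external;
}

/// Vulnerable: the caller chooses both the contract to call and the
/// account it acts on, and neither choice is checked.
contract ZapVulnerable {
    function moveFunds(IVault vault, address owner, uint256 amount) external {
        // No check that `vault` is a contract this zap trusts, and no check
        // that msg.sender is `owner` or has been approved by `owner`.
        // Any caller can supply a victim's address as `owner`.
        vault.withdrawFor(owner, amount);
    }
}

/// Hardened: validate every externally supplied parameter before acting.
contract ZapHardened {
    address public immutable admin;
    mapping(address => bool) public trustedVault;
    // owner => delegate => approved
    mapping(address => mapping(address => bool)) public delegateApproved;

    error NotAdmin();
    error UntrustedVault(address vault);
    error NotAuthorized(address caller, address owner);
    error ZeroAmount();

    constructor() {
        admin = msg.sender;
    }

    // Only the admin may extend the allowlist of callable vaults.
    function setTrustedVault(address vault, bool ok) external {
        if (msg.sender != admin) revert NotAdmin();
        trustedVault[vault] = ok;
    }

    // Owners opt in to letting a specific delegate act for them.
    function approveDelegate(address delegate, bool ok) external {
        delegateApproved[msg.sender][delegate] = ok;
    }

    function moveFunds(IVault vault, address owner, uint256 amount) external {
        // 1. The target contract must be on the allowlist.
        if (!trustedVault[address(vault)]) revert UntrustedVault(address(vault));
        // 2. The caller must be the owner or an owner-approved delegate.
        if (msg.sender != owner && !delegateApproved[owner][msg.sender]) {
            revert NotAuthorized(msg.sender, owner);
        }
        // 3. Reject degenerate values that only make sense to an attacker.
        if (amount == 0) revert ZeroAmount();
        vault.withdrawFor(owner, amount);
    }
}
```

The design point is that a helper or "zap" contract that is granted permissions over user positions must treat every one of its arguments as hostile: allowlist the contracts it is willing to call, tie the account it acts on to `msg.sender` (or an explicit approval by that account), and reject values with no legitimate use. Each missing check is a separate way for an attacker to make the contract spend its privileges on their behalf.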

Committing to both transparency and remedial measures, the team wrote:

"While retrieving all users' funds is our main focus right now, unpausing the protocol will be part of the next steps once we are sure that all positions are safe,"