Liquid Restaking Protocol Astrid Hacked

Overview
On the evening of October 28th, Astrid, a Liquid Restaking solution using EigenLayer technology, suffered a smart contract attack.

Key Points
Estimated Damage: Initial estimates suggest a loss of approximately $228,000. The detailed vulnerability exploited by the hacker has not yet been disclosed, and further information will be provided in forthcoming Post Mortem reports.
Unfortunately our smart contract was exploited. The exploit was missed by our team and auditing.
We have paused the contract.
We have taken a snapshot of all holders and will offer full refund and make everyone whole. Please wait as our team work out the refund process.
We…
— Astrid | Restaking Pool (@AstridFinance) October 28, 2023
Initial estimates of the damage by MetaSec
Communication with Hacker: The project has sent an on-chain message to the hacker to discuss the return of stolen assets in exchange for a bug bounty reward. The proposed reward is 20% of the stolen amount.
Dear hacker, you've got an incoming message https://t.co/T0jrEGn1Ii
— Astrid | Restaking Pool (@AstridFinance) October 28, 2023
On-chain message sent to the hacker by Astrid
Snapshot for Compensation: Astrid has taken a snapshot of all user account balances to facilitate future compensation.
Snapshot announcement for compensation by Astrid
Incident Notification: The official Astrid X account announced the hack on their smart contract. Immediate actions were taken to suspend the smart contract's operations.
Seems @AstridFinance is exploited due to the lack of input validation in the withdraw() function, leading to the ~$228K gain for the hacker. https://t.co/cUIzETnHTa pic.twitter.com/341LqycQzL
— MetaSec (@MetaSec_xyz) October 28, 2023
Announcement by Astrid on X
Preliminary Analysis
According to preliminary assessments from MetaSec, the smart contract lacked adequate input validation checks for the "Withdraw" function. This oversight allowed the hacker to exploit the contract.
About Astrid
Astrid is a Liquid Restaking project built on EigenLayer's platform. The protocol aims to provide liquidity to restaked tokens from EigenLayer's solution and automatically reinvest returns into the pool.