Kokomo Finance Accused of $4M Exit Scam

Kokomo Finance, an open-source and noncustodial lending protocol on Optimism, has been accused of an exit rip-off value $4 million. The protocol allegedly plucked person funds by way of a sensible contract loophole, inflicting the Kokomo Finance token to plummet 95% in worth in a matter of minutes. Blockchain safety agency CertiK alerted its followers to the scenario in a tweet on March 26.

In accordance with CertiK, the deployer of the KOKO token attacked the sensible contract code of a wrapped Bitcoin token, cBTC, by resetting the reward velocity and pausing the borrow perform. An deal with starting with “0x5a2d..” then authorised the brand new cBTC sensible contract to spend over 7000 Sonne Wrapped Bitcoin (So-WBTC). The attacker then referred to as one other command to swap the So-WBTC to the 0x5a2d deal with, which produced a $4 million revenue, in response to the safety agency.

CertiK additionally famous that Kokomo Finance eliminated all social media accounts instantly following the alleged rug pull. The protocol rose up the ranks rapidly in current days, with blockchain knowledge platforms like CoinGecko and DefiLlama formally monitoring it shortly after Kokomo Finance went reside on Optimism on March 25. Latest screenshots reveal that greater than $2 million was locked into Kokomo Finance previous to it falling greater than 97%.

Over 72% of the full worth locked within the Kokomo Finance protocol got here within the type of wrapped Bitcoin, in response to knowledge from DefiLlama. Whereas most features of the audit had been handed, “typographical errors” had been discovered, and the proprietor of the KOKO token was additionally discovered to have a one-time capability to mint 45% of the utmost provide to an arbitrary deal with.

Kokomo Finance is a lending protocol that permits customers to commerce for wBTC, Ether (ETH), Tether (USDT), USD Coin (USDC), and Dai (DAI). It operates on the Optimism layer 2 scaling answer, which permits for sooner and cheaper transactions on the Ethereum community.

The exit rip-off allegations towards Kokomo Finance have raised considerations in regards to the safety of decentralized finance (DeFi) protocols. Whereas DeFi has enabled better monetary freedom and accessibility for customers, it has additionally introduced with it new dangers and challenges. Good contract vulnerabilities and safety loopholes will be exploited by dangerous actors, as within the case of Kokomo Finance.

Regardless of this incident, the DeFi house continues to develop and evolve, with new protocols and platforms rising on a regular basis. Because the business matures, it’s seemingly that better consideration might be paid to safety and danger administration, as a way to defend customers and forestall comparable incidents from occurring sooner or later.