. Flash loans aren’t inherently a bad thing, they were initially developed as used as a tool for traders looking for arbitrage opportunities., which continually checks for solvency. As CoinDesk previously reported, the attacker used borrowed crypto from Aave to supply liquidity to a trading pool on Platypus.
The smart contracts then issued a liquidity provider token, LP-USDC, and placed it into a staking contract on the protocol. They then borrowed USP stablecoins against their LP positions and withdrew everything to Aave to repay the flash loan.it intends to replay a minimum of 63% of funds to users after it managed to recover a part of the $9 million drained from the protocol last week.
PoliceNationale Platypusdefi thesamreynolds It wasn't just a flashloan exploit, the contract had a vulnerability with the 'emergencyWithdraw' function.