Web3: Solana DeFi TVL substantially overstated and Slope wallets hacked; Blackrock Aladdin integrates Coinbase Prime for BTC; Binance KYC tokens
Gm Fintech Futurists —
Welcome to our Web3 newsletter, focused on covering the overall progress in the metaverse, NFTs, and DeFi. This content is premium only — give it a share, and leave suggestions in the comments!
DeFi Protocols and Digital Assets
Master of Anons: How a Crypto Developer Faked a DeFi Ecosystem - Coindesk
A Coindesk investigation found that the Solana DeFi ecosystem was propped up by a manipulation of double-counting Total Value Locked, the core metric similar to assets under management.
For context, Saber is an AMM (automated market maker) on Solana with TVL reaching over $4B in September 2021. The Sunny DeFi yield aggregator, which was built on top of the Saber protocol, amassed almost $3.5B in TVL in the same period. It was uncovered that the pseudonymous developer behind Sunny was the chief architect of Saber, Ian Macalinao. Ian was single-handedly building the aggregator and various other protocols, whose purpose was to stack on top of Saber in order to exaggerate TVL over and over again. At its peak, this scheme accounted for over 70% of Solana’s $10B+ TVL. Investors also lost money when one of these protocols, Cashio, was hacked for $52MM.
One of the lessons learnt from Terra’s collapse is that TVL is a dangerous metric to follow. Just like trading volume can be spoofed with robots and wash-trading, so can asset count be inflated with rehypothecated derivatives. If something is too good to be true, well, you know how that goes.
Stablecoins Will Only Have Value on PoS Ethereum Post-Merge - Blockworks
Once-hacked for $77M, Beanstalk's Algo Stablecoin Protocol Relaunches - Cointelegraph
Cryptoeconomics and Blockchain Protocols
Thousands of Solana Wallets Drained in Multimillion-Dollar Exploit - Tech Crunch
Solana has yet again suffered an attack — almost 8,000 Solana wallets were drained from an unknown attacker, resulting in $8MM of consumer funds being lost. The attack targeted “hot” wallets, like Phantom, which are always connected to the Internet through browser extension or app. The investigation found that the affected addresses were created, imported or used at some point on the Slope Wallet, a Solana wallet app used for Solana Pay, DeFi, and NFT trading.
No evidence was found to suggest the Solana protocol itself was compromised. But there’s a lot of user frustration, given the multiple network outages that have already occurred and the TVL news we shared above. Will users no longer feel safe storing their funds in a non-custodial wallet on Solana? We are watching Phantom’s $1.2B valuation and their 2MM+ users, as well as a16z.