Key takeaways:
- Crypto lending protocol Geist Finance is shutting down permanently due to losses from the Multichain exploit.
- The team was clear that the Chainlink oracles were not to blame for Geist’s closure.
According to a post on social media made on July 14 by the app’s development team, the cryptocurrency lending platform Geist Finance is permanently closing owing to losses from the Multichain hack.
On the Fantom network, Geist is a lending protocol. Geist contracts were paused on July 6, then resumed in “withdraw and repay only” mode on July 9. The team does not intend to resume lending and borrowing on Geist, according to the most recent post.
Before the Multichain attack, it had crypto assets worth more than $29 million locked up in its contracts. The Multichain platform’s spanned tokens, such as bridging versions of USD Coin, Tether, Bitcoin, and Ether, could be borrowed, lent, or used as collateral before the hack by Geist users. It tracked the prices of these assets using Chainlink oracles to determine the loan and collateral values.
The post claims that these oracles have ceased to provide accurate information. The team noted that they are now listing the non-bridged, or “real,” versions of each currency, which are worth more than four times as much as their Multichain derivatives:
“Because Chainlink oracles are tracking the value of real USDC, USDT, WBTC or ETH, they are not aware of the real value of Multichain assets.”
The team said that this renders it “impossible” to enable lending again because doing so will cause holders of non-Multichain coins like Magic Internet Money (MIM) or Fantom to incur bad debt. Geist won’t be able to reopen as a result. The team was clear that the Chainlink oracles were not to blame for Geist’s closure because they functioned as they should have.
On July 7, blockchain analytics professionals first revealed the Multichain hack. The Ethereum side of Multichain bridges, including those for Dogechain, Fantom, and Moonriver, had seen withdrawals totaling over $100 million. The Multichain team referred to the transactions as “abnormal” and advised users to stop utilizing the system. However, the team refrained from using the terms “hack” or “exploit.”
The Multichain team acknowledged on July 14 that a hack had caused the withdrawals from July 7. The network had been keeping all of its private key fragments in a “cloud server account” that was only accessible to the group’s CEO, who was taken into custody by Chinese police. Later, someone accessed this cloud server account and used it to steal money from the protocol.
No single server had access to all of a key’s fragments, according to a statement made by the protocol’s development team in earlier publications.
The July 14 post claims that the fee-based attack on July 11 was a counter-exploit started by the CEO’s sister at the request of the Multichain team to recoup funds. After the sister was later detained, the whereabouts of the assets she found are “uncertain.”
