The Root Cause of Sentient’s $1 Million Theft on Arbitrum Network

On April 5th, according to PeckShield monitoring, Sentient, an unlicensed partial mortgage loan agreement, was stolen about $1 million on the Arbitrum network early this morning. The root cause is the read-only and reentrant nature of Balancer.

Security team: Sentient loan agreement stolen $1 million on the Arbitrum network

Introduction

On April 5th, Sentient, an unlicensed partial mortgage loan agreement, was stolen about $1 million on the Arbitrum network early this morning. Many investors were shocked, and it all happened due to the read-only and reentrant nature of Balancer. In this article, we will discuss the root cause of this theft and how it can be prevented in the future.

What is Sentient?

Sentient is an unlicensed partial mortgage loan agreement on the blockchain, founded by Michael Arrington. It provides a new form of borrowing by combining token regulations with traditional financial concepts. However, Sentient is also highly susceptible to hacking and theft, and this recent event proves that.

The Balancer Protocol

Balancer is a widely-used protocol for automated market making on Ethereum, and it allows users to create customizable asset pools for trading. However, one shortcoming of Balancer is its read-only and reentrant nature, which can give malicious actors the opportunity to re-enter and manipulate the system.

The Exploit

The Sentient theft was caused by an intruder who exploited a vulnerability in Balancer’s design. The attacker created a smart contract that was able to interact with the Sentient protocol and drain users’ funds. This was made possible by Balancer’s reentrant and read-only limitations, which created a loophole for exploitative attacks.

Prevention Measures

To prevent similar attacks, developers should aim to create coding standards that disallow reentrancy and make smart contracts highly visible. Additionally, clear and concise documentation should be provided to ensure that all users understand the risks of using protocols such as Balancer.

Conclusion

The Sentient theft highlights the risks associated with unlicensed mortgage loan agreements and automated market making protocols. Balancer’s weakness in re-appendancy and read-only functionality underscores the need for improving the security of decentralized systems. Developers must take proactive measures to prevent these kinds of incidents from occurring in the future.

FAQs

1. How much was stolen from Sentient?
– Approximately $1 million was stolen.
2. Who founded Sentient?
– Michael Arrington founded Sentient.
3. What can be done to prevent similar attacks in the future?
– Developers can create coding standards, disallow reentrancy, enhance visibility of smart contracts, and provide clear and concise documentation.