Up to $26 million worth of Rari’s governance token may be distributed among users impacted by a hack that drained $10 million from the protocol this past weekend.
Following a $10 million exploit over the weekend, decentralized finance protocol Rari Capital is formulating a plan to compensate victims.
According to an official postmortem of the attack published May 9, the platform lost 2,600 ETH equal to 60% of all users’ funds in its Rari Capital Ethereum Pool. Rari automates yield farming by rebalancing users’ funds and pools.
On May 10, Rari founder Jai Bhavnani posted an update revealing that all of the protocol’s contributors had voted to return the 2 million RGT tokens initially slated for developer incentives back to the project’s decentralized autonomous organization, or DAO, to reimburse users impacted by the hack.
While an exact distribution plan is still being discussed by Rari Capital’s developers and community, Bhavnani noted that tRGT token holders will be eligible to claim a share of the DAO’s stablecoin reserves during a May 10 community call.
The DAO currently holds 8.7 million tokens RGT worth $121.8 million, equating to roughly 1% of RGT’s supply,
With the Rari Governance Token currently trading for $13.36 according to Coingecko, the total funds allocated to reimbursement are worth roughly $26.7 million at the time of writing. RGT prices dumped 44% following the hack, falling from $18 to $10 in less than an hour.
Bhavani noted the protocol was started as a fair launch project that did not sell tokens or raise money from venture capital. He added that the concept of a Rari Team has been disbanded and there are now only contributors and token holders.
The Rari Capital Ethereum Pool deposits ETH into Alpha Finance’s ibETH token as one of its yield-generating strategies. The attacker manipulated the contract to and withdraw more funds than they had deposited. A flash loan was taken out from the dYdX exchange in order to deposit ETH and make repeated withdrawals, draining the pool in the process.
The Rari Capital exploit follows several recent high-profile hacks in the DeFi sector, such as ForceDAO losing $367,000 in early April, and EasyFi losing as much as $60 million on April 20.
Rari is not the only protocol seeking to compensate its users, with cross-chain DeFi protocol EasyFi announcing that 25% of lost funds would be distributed to users immediately in the form of stablecoins, while the remaining 75% will be distributed as “IOU” tokens redeemable for EZ v2 tokens.