The Polkadot-based platform was taken advantage of through a bug exploit which resulted in 1.28 billion tokens being minted.
The bug was found in the newly-deployed iBTC/aUSD liquidity pool, where a hacker allegedly had minted 1.2 billion worth of aUSD without collateral. A liquidity pool is a combined pile of digital assets locked in a smart contract, which creates liquidity in decentralised exchanges (DEX) and DeFi protocols for faster transactions.
aUSD is a stablecoin that is pegged with the United States dollar, which Acala claims to be censorship-resistant. iBTC is a Wrapped Bitcoin (wBTC), a token that was created for Bitcoin users to be able to use their funds on Ethereum.
aUSD had held a soft peg to the U.S. dollar, but had its price plunge from roughly $1.03 to $0.009 from the event.
While the exploit caused aUSD to crash down to amounts near $0.01, the Acala team had also frozen the error-minted tokens through shifting the network to maintenance mode. The transfer function on the platform was also paused.
Maintenance mode on the Acala Network had caused features such as xcm (Polkadot-based cross-chain communications), and swaps. Acala has announced that these features will remain paused until “further notice,” as a result of governance votes on the platform.
In a series of tweets describing the event, Acala Network has assured its users that it has also paused the oracle pallet price feeds, in which “users do not need to concern liquidations in between time.”
The Acala team has also announced that they are to formulate further community proposal & decision making through its community and governance to resolve and restore the aUSD peg.