- Acala has released a full trace report after a misconfiguration error resulted in erroneous minting of over 3 billion aUSD.
- The error mint tokens were transferred to wallet addresses of iBTC/aUSD contributors claiming iBTC/aUSD LP rewards.
- 99% of the erroneously minted tokens remain on Acala parachain, while a small portion has been exchanged with ACA.
Acala released a full trace report on September 1, tracing the details of the decentralized financial exploit. After a misconfiguration in the newly launched iBTC/aUSD liquidity pool, a significant number of aUSD tokens were minted erroneously.
Acala community shared a blog post announcing the launch of the iBTC/aUSD liquidity pool where users staking iBTC/aUSD LP tokens can claim their iBTC/aUSD LP rewards. However, the error mints of aUSD were transferred to iBTC/aUSD LP contributors when they claimed their rewards.
Since then, the misconfiguration has been corrected and all wallet addresses that received the erroneously minted aUSD have been traced with complete on-chain activity in the pipeline.
The full trace report starts from the origin of the aUSD incident, highlighting the 16 identified wallet addresses that received the aUSD error mints transfer. Continuing the investigation, the trace follows every address of the original 16 addresses transacted with. The subsequent transactions finally led the trace to the parachain addresses and exit like CEX addresses.
At present, the trace has recognized 99% of the aUSD error mints, while highlighting the remaining ones that currently exist on the Acala parachain.
In addition, the trace also shared in detail how many errors mints each address accounted for. 11.21 million aUSD error mints were accounted for by the top 10 addresses. Out of which, 1.4 million aUSD erroneously minted tokens transferred from one of the identified 16 addresses stayed in 2 destination addresses. Moreover, 9.81 aUSD error mints acquired from trading remained in 8 wallet addresses.