Acala recovers 2.97 billion of aUSD stablecoin minted during exploit

Quick Take

  • Acala has recovered 2.97 billion aUSD following the security incident on its Polkadot parachain.
  • The team traced 16 addresses that minted more than 3 billion aUSD after misusing a protocol misconfiguration.

Acala, a parachain project on Polkadot, says it has recovered about 2.97 billion from 16 addresses that minted 3 billion Acala USD (aUSD) in a security incident last Sunday.

The incident occurred due to a code error in one of Acala's smart contracts that managed the iBTC/aUSD liquidity pool. The error allowed some Acala liquidity providers to mint its native stablecoin and illegitimately move them into their control.

Per the team, 99% of these “error mints” remained within addresses on the Acala network. This team halted the Acala chain and was able to freeze addresses that held the minted stablecoin.

After placing the network in maintenance mode on Monday, the team was able to recover 1.292 billion aUSD. This sum was burned following a swift passing of a governance vote.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

In its latest update, the team has recovered another 1.682 billion aUSD, which increased the overall recovered sum to 2.974 billion aUSD. This additional sum of 1.682 billion aUSD is expected to be burned as well before the team restores back its network. Meanwhile, 48 million aUSD hasn’t been recovered yet, which includes the minted aUSD that was swapped and transferred to other blockchains.

The incident caused tremendous volatility in the price of aUSD. It momentarily plummeted to less than 0.01, losing more than 99% of its value on Sunday. The stablecoin has since recovered and is changing hands at $0.90 at the time of writing.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]