OptiFi locks up $661,000 by accidentally shutting itself down

Quick Take

  • OptiFi mistakenly shut down its mainnet while trying to upgrade the protocol.
  • The protocol’s funds are locked up and will remain so unless Solana validators agree to a patch that will make the protocol recoverable.
 

OptiFi, a DeFi options trading protocol on Solana, accidentally shut down its mainnet thereby rendering $661,000 in user funds inaccessible, the project announced on Tuesday.

According to the team’s incident report, the mistake happened while trying to update the protocol’s mainnet. The team said the process took longer than expected probably due to network congestion on Solana. As a result, they aborted the upgrade but not before the process created an intermediary account.

The developers then tried to reverse the creation of this intermediary account by closing the program. They used a command called “solana program close.” Unknown to the team, this command actually shuts down a protocol and freezes its tokens permanently. As such, the total value locked in the platform, amounting to $661,000, is now locked.

“Here it turned out that we didn’t really understand the impact and risk of this closing program command line. ‘solana program close’ is actually for closing the program permanently and sending the SOL tokens in the buffer account used by the program back to the recipient wallet,” the team stated in the incident report.

OptiFi says it has learned from the incident and will take steps to prevent the same event from happening again. The Solana DeFi protocol says it will employ a “peer-surveillance approach” in future contract deployments. This approach involves using at least three participants in the process to review the steps being taken by the deployer to prevent future mistakes. OptiFi also said that it plans to compensate all affected users.

A Possible Fix on Solana

Richard Patel, a contributor on Jump Crypto’s Solana validator client Firedancer, proposed a possible solution in the wake of the incident. This patch will reportedly make it possible for deleted Solana programs to be recoverable along with the funds held in such contracts.

The proposal has been pushed to the Solana GitHub repository but it is only the first step. Patel’s proposal will need to pass a technical review and then be designated as a feature (a name given to functions that the blockchain supports). The majority of Solana validators will then need to approve the feature before it can be activated on the network.

 

© 2022 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.