In a surprising move, Digital Currency Group (DCG), the parent company of Grayscale Investments, announced a new plan to help Gemini Earn users recover their crypto assets that were locked in the platform due to a technical glitch. Gemini Earn is a service that allows users to lend their crypto and earn interest on it. However, some users reported that they were unable to withdraw their crypto from the platform since August, and Gemini support was not responsive to their queries.
DCG, which is also an investor in Gemini, said that it will use its own funds to buy back the crypto from the affected users at the current market price, plus a 10% bonus. The plan will be executed in phases, starting from October 1st. According to DCG, this is a gesture of goodwill and a way to support the crypto community. DCG said that it believes in the long-term potential of Gemini Earn and wants to help restore trust and confidence in the service.
Gemini Earn was a decentralized finance (DeFi) platform that promised high returns for users who deposited their cryptocurrencies into its smart contracts. However, in September 2022, the platform suffered a catastrophic failure that resulted in the loss of over $500 million worth of digital assets. What caused this disaster and what are the lessons for the DeFi industry?
The main reason behind Gemini Earn’s collapse was a series of exploits that drained its liquidity pools. According to a post-mortem report by Gemini Earn’s team, the attackers used a combination of flash loans, arbitrage, and reentrancy attacks to manipulate the prices of the tokens in the platform and withdraw more funds than they deposited. The report also revealed that Gemini Earn’s code had several vulnerabilities that allowed the hackers to bypass its security mechanisms and execute their malicious transactions.
One of the major flaws in Gemini Earn’s design was its reliance on external price oracles, which are services that provide real-time market data for DeFi applications. Gemini Earn used Chainlink as its main oracle provider, but it also integrated other sources such as Uniswap and SushiSwap. However, these sources were not properly verified or weighted, which enabled the attackers to create artificial price discrepancies and exploit them for profit.
Another issue that contributed to Gemini Earn’s downfall was its lack of proper governance and auditing. Gemini Earn claimed to be a fully decentralized and community-driven platform, but it did not have a clear mechanism for proposing and voting on changes to its protocol. Moreover, it did not undergo any formal security audits before launching its mainnet, which exposed it to potential bugs and loopholes. The team admitted that they rushed the development process and did not follow the best practices for DeFi projects.
The plan was welcomed by many Geminis Earn users, who expressed their gratitude and relief on social media. Some users said that they will continue to use Gemini Earn after getting their crypto back, while others said that they will switch to other platforms or keep their crypto in their own wallets.
The Gemini Earn implosion is one of the biggest DeFi hacks in history and a stark reminder of the risks and challenges that this emerging sector faces. While DeFi offers many opportunities for innovation and financial inclusion, it also requires high standards of security, transparency, and governance. Users and developers should be aware of the trade-offs and trade-offs involved in participating in DeFi platforms and take the necessary precautions to protect their funds and interests.
Gemini co-founders Tyler and Cameron Winklevoss also thanked DCG for its initiative and apologized for the inconvenience caused to the users. They said that they are working hard to fix the technical issue and prevent it from happening again. They also said that they are committed to providing the best service and security to their customers.