The latest report stated that the Terra crash earlier in May was not caused by a single enemy party. Rather, a total of seven wallets were flagged by Nansen researchers as they studied chain data from Terra to Ethereum. The report also concluded that UST de-pegging was not carried out by hackers or attackers.
Nansen report titled “Demystifying TerraUSD De-Peg” is an attempt to investigate Terra crashes. The report said that the attack was carried out by a group of seven well-funded wallets within the Terra ecosystem. The Namsen researchers studied chain data between 7. -1[ads1]1. May and traced the beginnings of the Anchor Protocol on Terra.
1 / What really happened $ UST?
After weeks of work from our team of researchers, here’s a thorough look at $ UST crisis that brought the Terra ecosystem.
Be sure to retweet if you also find it insightful.
The full report here: https://t.co/MMdtrUO6Ve pic.twitter.com/7HcsPNWZOQ
– Nansen 🧭 (@nansen_ai) May 27, 2022
The seven wallets first began to draw UST liquidity from Anchor. They then began moving liquidity to Ethereum via the Wormhole bridge and were later swapped for other stack coins at Curve’s liquidity pools. Finally, arbitrage opportunities were created due to inefficiency between Curve and several exchanges that led to the de-pegging of TerraUSD.
Follow the ‘Seven’ path
The wallets flagged by the report are as follows:
- 0x8d47f08ebc5554504742f547eb721a43d4947d0a (EIP 1559 user) – with a notable $ 85 million transaction by UST connected to Ethereum on May 7 and then switched to Curve for around $ 84.5 million in USDC.
- 0x4b5e60cb1cd6c5e67af5e6cf63229d1614bb781c (celsius) – which broke $ 175 million avUST out of Terra to Ethereum on May 7th. It then sent $ 125 million of UST to Curve, which was then swapped to the USDC in batches of $ 25 million.
- 0x1df8ea15bb725e110118f031e8e71b91abaa2a06 (hs0327.eth) – On May 8, the wallet over $ 20 million of UST went to Ethereum.
- 0xeb5425e650b04e49e5e8b62fbf1c3f60df01f232 (Heavy Dex Trader) – this wallet received around $ 10.5 million in UST on May 8, which was then exchanged for USDC on Curve.
- 0x41339d9825963515e5705df8d3b0ea98105ebb1c (Smart LP: 0x413) – which bridged $ 20 million of UST on May 8, which was then exchanged for USDC on Curve.
- 0x68963dc7c28a36fcacb0b39ac2d807b0329b9c69 (Token Millionaire / Heavy Dex Trader) – which traded around $ 30 million of UST, and traded it for USDC on Curve on May 8.
- 0x9f705ff1da72ed334f0e80f90aae5644f5cd7784 (Token Millionaire) – which made many transactions between May 8 and 9 and bridged a total of $ 60 million of UST to Ethereum.
No hack, no attack
The report also concluded that a small number of “players” were able to figure out vulnerabilities that led to the crash:
“This chain study refutes the story of an ‘attacker’ or ‘hacker’ working to destabilize UST. Instead, we found that a small number of players identified and arbitrated vulnerabilities – especially in relation to the shallow liquidity of the Curve pools that secured USTs. link to the other stable coins. “
This report will help security protocols on blockchains to prevent such theft from happening again. The mentioned vulnerabilities must be corrected in such attempts in the future.