You know there are many REKT in crypto space:

Like $HEX:

https://twitter.com/HEXMONGER/status/1564526048368160768

Or even the entire crypto space:

https://twitter.com/HEXMONGER/status/1564313102958469121

But we have never thought Compound will be rekt... oh well, maybe the next is ETH 2.0... who knows...

https://twitter.com/lanceeeeeeees/status/1564734265140854784

BUT...

How come Compound got rekt?

What is a Compound?

The Compound is one of the oldest Defi in the crypto space.

A Defi lending protocol allows users to earn interest on their cryptocurrencies by depositing their cryptos in the pools supported by the platform.

It was launched in September 2018. The idea was similar to any of Defi projects, to artificially pump up the liquidity of the cryptocurrencies since people likely will store their crypto and put it idle.

In crypto space, liquidity equals more money.

The difference is that Compound rewards you a governance token $COMP rather than some other Defi rewards you with another useless utility token to leverage their pools.

The break

https://twitter.com/RektHQ/status/1564980543690792961

When the Proposal 117  kicks in, it creates a reverts mechanism in the code that allows users to withdraw funds from the pool without inputting tokens.

https://twitter.com/compoundfinance/status/1564695152626655234

Potentially, you can steal cETH from the Compound protocol worth $830M and stick the transaction in the timelock.

The error code makes no distinction from cERC20 and cETH.

The error was immediately spotted and reversed to the previous version.

The impact

https://twitter.com/OptifiLabs/status/1564367455220219904

Many DApps and their partners will have to prevent the losses. For example, Solana mainnet can shut down its blockchain service, but others may not do so.

The future

Of course, forecasting the code error can be very difficult and near impossible until it deploys. 

Maybe some industry standards may introduce in the future