Create 2023-10-28-Astrid-Finance.md

[svg-arch]

No description provided.

[JediFaust]

/articlecheck

[JediFaust]

/articlecheck

[github-actions]

Fact Checking

• Statement: Astrid Finance lost approximately $228,000 in total:

  • 64.17 stETH (114,757 USD)

  • 39.16 rETH (76,328 USD)

  • 20 cbETH (37,637 USD)

  • Source: https://medium.com/neptune-mutual/understanding-the-astrid-finance-exploit-d8001a65b4f6 ✅

• Statement: October 28, 2023, 10:41:35 AM +UTC: The first malicious transaction occurred.

  • Source: https://etherscan.io/tx/0x8af9b5fb3e2e3df8659ffb2e0f0c1f4c90d5a80f4f6fccef143b823ce673fb60 ✅

• Statement: October 28, 2023, 04:13 PM +UTC: Astrid Finane team reported about the exploit.

  • Source: https://twitter.com/AstridFinance/status/1718254655288066501 ✅

• Statement: October 29, 2023, 09:08:35 AM +UTC: Hacker returned 80% of the stolen assets.

  • Source: https://neptunemutual.com/blog/understanding-the-astrid-finance-exploit/ ✅

Editor's Notes

In the ## Timeline section:

• The date format is inconsistent. It should follow the 'Month day, year, time PM UTC:' format for all entries.

• The word 'Finane' is misspelled and should be 'Finance'.

• The timeline entry on October 28, 2023 at 02:51:35 PM UTC regarding the bounty offer to the hacker is missing. This should be added for completeness.

Hugo SSG Formatting Check

• Does it match Hugo SSG formatting? ✅

Filename Check

• Correct Filename: 2023-10-28-Astrid-Finance.md
• Your Filename: 2023-10-28-Astrid-Finance.md ✅

Section Headers Check

• Allowed Headers: ## Summary, ## Attackers, ## Losses, ## Timeline, ## Security Failure Causes
• Your Headers: ## Summary, ## Attackers, ## Losses, ## Timeline, ## Security Failure Causes ✅

Metadata Headers Check

• Allowed Metadata Headers: date, target-entities, entity-types, attack-types, title, loss

• Your Metadata Headers: date, target-entities, entity-types, attack-types, title, loss ✅

• Notes:

  • The date metadata matches the date October 28, 2023 mentioned in the Summary ✅
  • The target-entities metadata matches Astrid Finance mentioned in the Summary ✅
  • The loss metadata matches the ~$228,000 loss mentioned in the Losses section ✅
  • The entity-types of DeFi matches the target entity Astrid Finance ✅
  • The attack-types of Smart Contract Exploit matches the type of attack described ✅

[evgenydmitriev]

/articlecheck

[github-actions]

Fact-Checking Results

• Statement: Astrid Finance Ethereum-based liquid restaking pool exploit October 28, 2023 $228,000 loss ✅

  • Source: https://www.binance.com/en/feed/post/2023-10-29-astrid-finance-suffers-exploit-after-auditors-recommended-fix-smart-contract-paused-and-full-refunds-promised-1541672

• Statement: Astrid Finance exploit smart contract vulnerability withdraw function input validation ✅

  • Source: https://neptunemutual.com/blog/understanding-the-astrid-finance-exploit/

• Statement: astrid finance exploit fake tokens withdraw funds stETH rETH cbETH 127 ETH ✅

  • Source: https://medium.com/neptune-mutual/understanding-the-astrid-finance-exploit-d8001a65b4f6

• Statement: astrid finance exploit critical oversight smart contract input validation withdraw function ✅

  • Source: https://neptunemutual.com/blog/understanding-the-astrid-finance-exploit/

Editor's Notes

• In the Timeline section:

  • Standardize the date-time format to 'Month Day, Year, Time PM UTC'
  • Add a colon after 'PM'
  • Change 10:41 AM UTC to 10:41 AM UTC
  • Change 02:13 PM UTC to 02:13 PM UTC
  • Change 02:51 PM UTC to 02:51 PM UTC
  • Change 07:22 PM UTC to 07:22 PM UTC

• Change 'Finane' to 'Finance'

• Standardize capitalization of 'stETH', 'rETH', 'cbETH'

Hugo SSG Formatting Check

• Does it match Hugo SSG formatting? ✅

Filename Check

• Correct Filename: 2023-10-28-Astrid-Finance.md
• Your Filename: 2023-10-28-Astrid-Finance.md ✅

Section Headers Check

• Allowed Headers: ## Summary, ## Attackers, ## Losses, ## Timeline, ## Security Failure Causes
• Your Headers: ## Summary, ## Attackers, ## Losses, ## Timeline, ## Security Failure Causes ✅

Metadata Headers Check

• Allowed Metadata Headers: date, target-entities, entity-types, attack-types, title, loss

• Your Metadata Headers: date, target-entities, entity-types, attack-types, title, loss ✅

• Notes:

  • Date in text: October 28, 2023

  • Date in metadata: 2023-10-28 ✅

  • Target entity in text: Astrid Finance

  • Target entities in metadata: Astrid Finance ✅

  • Loss in text: $228,000

  • Loss in metadata: 228000 ✅

[evgenydmitriev]

/payout

[github-actions]

Thanks, @svg-arch! 2532 characters were added/changed in this PR. At a rate of 3¢/char multiplied by 1x your contribution is worth $75.96. @albina-at-inca will process your payment.