Radiant Capital, a cross-chain lending protocol built on the Arbitrum <button class="define-target" id="layer-2">layer-2</button> network, was hacked for 1,900&nbsp;ETH (~$4.5&nbsp;million). The exploit relied on a flaw in the underlying code, which was forked from Compound and Aave. The original code has a known rounding issue, which makes new projects vulnerable to attack shortly after they are deployed if they are not specifically configured to avoid the issue. In this case, the attacker had observed the <button class="define-target" id="smart-contract">contract</button> being deployed and performed the exploit only six seconds after the project was activated.<p>Radiant Capital sent an on-chain message to the attacker, offering to negotiate a <button class="define-target" id="bug-bounty">bounty</button>.</p>

Archived tweet

Tweet thread by PeckShield:

Tweet #1

Image #1:

Links: