Cream Finance intends to repay users after identifying the AMP integration error that caused a $25 million loss on the protocol.
Earlier this week, the DeFi lending protocol announced that it had lost $25 million in a flash loan attack. Having accepted full responsibility for the exploit, Cream disclosed that it will channel 20% of all fees towards repaying the affected customers.
While unfortunate and disappointing, we take ownership of the error.
Furthermore, it has offered to grant a 10% bug bounty to the exploiter if they decide to return the stolen funds and up to 50% for third parties who can assist with recovering the funds.
If anyone is able to identify and provide information leading to the arrest and prosecution of the exploiter, we will share 50% of all funds returned.
In the meantime, the team has contacted “the relevant authorities to pursue all avenues available.”
Unlike the Poly Network incident where the attacker offered to return his $600 million loot, it appears Cream Finance may be in for a long ride. This is the second time in the past six months that the protocol has been hacked.