Ryan Sean Adams
50% of Drift's total TVL was drained.
How did this happen?
The attacker somehow got a hold of two of the five multi-sig signatures through social engineering, and they just were allowed to push a transaction through that I think some of the other multi-sig signers did... couldn't comprehend.
And so they just pushed them to approve, which gave them control over the protocol.
That's market creation, Oracle assignment, withdrawal limits, and also importantly, no time locks.
And so once the exploiter had access to the sufficient number of admin keys, they basically had full admin control over the protocol.
Weeks before they got access to these keys, they made this fake token that they had minted and wash traded for days and days and days and days so that they could create this fake volume that made this token perceived to be real.
That allowed them, once they had governance over the protocol, to add this token to the Drift protocol.
And they controlled the entire supply.
And so once this token was approved as collateral, they could collateralize this token and then withdraw USDC, USDT, CB Bitcoin from the protocol.
All of this happened in 31 transactions over 12 minutes that resulted in $285 million getting drained.
The Drift token fell 20% in the hours after the exploit was first reported.
There's a lot of just kind of criticism on the Drift structure, the admin setup, the multi-sig setup of Drift from some DeFi founders.
So both Stani from Aave and Hayden from Uniswap said something to the effect of Drift was not DeFi.
If you have admin keys that can do these sorts of things, like one single entity can govern this protocol in this particular way, that's just not DeFi.
Hayden said, people might accuse me of gravedancing for saying it, but we have to stop letting centralized things call themselves DeFi.
An admin key that can drain all the funds?
CeFi.
Otherwise, DeFi means nothing and the brand is destroyed.
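The speaker singles out two governance properties: a 2-of-5 signer threshold that was enough to add arbitrary collateral, and the absence of a time lock between approval and execution. The following Python model, added here as an illustration and not code from Drift or any real governance contract, shows why the delay matters from a defender's side. It implements a toy admin module with a signer threshold, an execution delay that starts when the threshold is reached, and a veto that any single signer can use during that window. All signer ids, the `FAKE-TOKEN` name and the one-day delay are constructed values.

```python
"""Toy admin module: threshold multisig + timelock + single-signer veto.

Constructed illustration of the governance properties discussed above;
not Drift's code and not any real on-chain governance contract.
"""
from dataclasses import dataclass, field
from typing import Optional

SIGNERS = ["s1", "s2", "s3", "s4", "s5"]  # constructed signer ids (5 signers)
DAY = 24 * 3600                           # timelock length used in the demo


class GovernanceError(Exception):
    """Raised when an admin action is refused by the module's rules."""


@dataclass
class Proposal:
    action: str                      # e.g. "add_collateral", "set_withdrawal_limit"
    params: dict
    approvals: set = field(default_factory=set)
    queued_at: Optional[int] = None  # time at which the threshold was reached
    cancelled: bool = False
    executed: bool = False


class AdminModule:
    """Admin powers gated by a k-of-n threshold and an execution delay."""

    def __init__(self, signers, threshold, timelock_seconds):
        self.signers = set(signers)
        self.threshold = threshold
        self.timelock = timelock_seconds
        self.collateral = set()          # tokens accepted as collateral
        self.withdrawal_limit = 1_000_000
        self.proposals = []

    def propose(self, action, params):
        self.proposals.append(Proposal(action, params))
        return len(self.proposals) - 1

    def approve(self, pid, signer, now):
        if signer not in self.signers:
            raise GovernanceError(f"{signer} is not a signer")
        p = self.proposals[pid]
        p.approvals.add(signer)
        # The delay clock starts only once enough signatures are collected.
        if p.queued_at is None and len(p.approvals) >= self.threshold:
            p.queued_at = now

    def cancel(self, pid, signer):
        """Any single signer can veto a queued proposal before it executes."""
        if signer not in self.signers:
            raise GovernanceError(f"{signer} is not a signer")
        p = self.proposals[pid]
        if p.executed:
            raise GovernanceError("already executed")
        p.cancelled = True

    def execute(self, pid, now):
        p = self.proposals[pid]
        if p.executed or p.cancelled:
            raise GovernanceError("proposal is no longer executable")
        if p.queued_at is None:
            raise GovernanceError("approval threshold not met")
        if now < p.queued_at + self.timelock:
            raise GovernanceError("timelock has not elapsed")
        if p.action == "add_collateral":
            self.collateral.add(p.params["token"])
        elif p.action == "set_withdrawal_limit":
            self.withdrawal_limit = p.params["limit"]
        else:
            raise GovernanceError(f"unknown action {p.action}")
        p.executed = True


def run_scenario(timelock_seconds, veto_signer=None):
    """Two of five signers approve adding a constructed token as collateral at t=0.

    Returns whether execution succeeded immediately and whether the token was
    ultimately accepted (after one day, with an optional veto in between).
    """
    m = AdminModule(SIGNERS, threshold=2, timelock_seconds=timelock_seconds)
    pid = m.propose("add_collateral", {"token": "FAKE-TOKEN"})
    m.approve(pid, "s1", now=0)
    m.approve(pid, "s2", now=0)
    executed_immediately = True
    try:
        m.execute(pid, now=0)
    except GovernanceError:
        executed_immediately = False
    if veto_signer is not None and not executed_immediately:
        m.cancel(pid, veto_signer)   # a third signer uses the delay window
    try:
        m.execute(pid, now=DAY)
    except GovernanceError:
        pass
    return {"executed_immediately": executed_immediately,
            "collateral_added": "FAKE-TOKEN" in m.collateral}


if __name__ == "__main__":
    print("no timelock:        ", run_scenario(0))
    print("1-day timelock:     ", run_scenario(DAY))
    print("1-day timelock+veto:", run_scenario(DAY, veto_signer="s3"))
```

With `timelock_seconds=0`, two approvals are all it takes and the token is collateral in the same instant, which is the shape of the failure described above. With a delay, the same two approvals only queue the change, and a single remaining signer (or anyone watching the queue) has a day to cancel it. The threshold alone does not give that window; the delay does.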