Polkadot-Powered Stablecoin Tanks As Hackers Mint 1.3B Tokens 

Hackers minted themselves 1.3 billion aUSD tokens on Sunday, sending the dollar-pegged stablecoin as low as $0.07 on KuCoin

by Shalini Nagarajan /
article-image

Acala deity in Buddha Tooth Relic Temple in Singapore | Source: Shutterstock

share

key takeaways

  • Hackers attacked Acala’s new liquidity pool to mint more than one billion aUSD tokens
  • aUSD crashed almost immediately but has since rebounded, now trading above $0.90

Polkadot-powered stablecoin acala dollar (aUSD) crashed to below 10 cents on Sunday after hackers minted 1.3 billion of the tokens for free.

The stablecoin’s issuing network Acala voted to suspend functionality to address the situation. In a tweet on Sunday, Acala said it noticed a configuration issue on its stablecoin protocol Honzon, which directly affects how aUSD operates.

Acala, one of the first Polkadot parachains, styles itself as a “DeFi hub” for the network. It had just launched a yield-bearing liquidity pool for aUSD and a form of wrapped bitcoin, which contained a bug dictating how the pool pays out rewards.

On-chain observers found hackers had exploited the flaw to mint 1.3 billion aUSD, with one attacker wallet holding about 1.27 billion aUSD. 

The incident resulted in aUSD, which had held its soft peg since its February launch, crashing as low as $0.07 on KuCoin, echoing TerraUSD’s collapse in May. 

However, aUSD quickly rebounded and now trades for more than $0.90. Blockchain explorers show aUSD’s official supply is almost 4.8 million tokens.

While Acala’s Honzon protocol manages the stablecoin based on various risk management algorithms, aUSD’s value is also derived from a basket of reserve assets, mostly Polkadot ecosystem tokens. Users can mint aUSD by sending certain digital assets to the protocol.

“This enables people to transact, trade, and facilitate services using aUSD without price volatility,” it said in aUSD’s announcement post.

Polkadot networks handle hackers with governance votes

Acala has labeled the snafu a “misconfiguration,” saying it had been rectified the same day and wallet addresses that received the erroneously-minted aUSD had been identified.

The network itself hasn’t disclosed the amount of tokens printed throughout the incident, but said it managed to retain over 99% of the tokens involved.

The remaining illicit aUSD has been locked until a collective governance decision on what to do next has been voted upon, Acala added.

Loading Tweet..

Last October, experimental Polkadot implementation Kusama similarly voted to manage a security vulnerability involving stolen tokens.

Both Acala Network and co-founder Bette Chen didn’t return Blockworks’ request for comment by press time.

Acala’s ACA has shed about 13% since the attack. Binance CEO Changpeng Zhao said in a tweet that the exchange was “monitoring” the situation. Binance doesn’t list aUSD but does support ACA trade.

David Canellis contributed reporting.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Digital Asset Summit 2025

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Unlocked by Template.jpg

Research

Bitcoin Expressivity with BitcoinOS

The BitcoinOS team is the first to have developed and posted a ZK-compressed proof on the Bitcoin network. Other proof verification efforts have been limited to the Signet or testnet deployments. Their work has resulted in the development of BitSNARK, a software library for ZK-compressed fraud proofs on the Bitcoin network. The project aims to provide a horizontal scaling solution, offering a one-stop shop for teams interested in developing a rollup on Bitcoin. This approach shares similarities with the horizontal tech stack scaling in other ecosystems like Cosmos and Optimism, particularly in its focus on simplified verification, bridging standards, and lightweight interoperability.

by 0xMims

/

news

article-image

Analysis

Crypto monthly active addresses are hitting all-time highs: A16z

A16z’s State of Crypto report shows that DeFi has the largest number of daily active addresses, with stablecoins following closely behind

by Katherine Ross /
article-image

DeFi

Conduit sees path to gigagas throughput with new sequencer

G2 is delivering real-world performance breakthroughs at 50-100 Mgas/s, Conduit says

by Macauley Peterson /
article-image

Analysis

Memecoin conceived by AI trumps Trump-linked token sale

World Liberty Financial’s token sale debuted just as an absurd AI-fueled memecoin captured crypto’s attention

by David Canellis /
article-image

Empire Newsletter

World Liberty Financial’s presale overshadowed by memecoin-shilling AI

Plus, would crypto be better out of the limelight?

by Katherine Ross&David Canellis /
article-image

Policy

Coinbase continues with SEC lawsuit over denied FOIA request 

Coinbase hired History Associates in 2023 to assist in retrieving records from the SEC and FDIC

by Casey Wagner /
article-image

Forward Guidance Newsletter

VP Harris’s latest crypto comments fall short on details

Hours after pledging to support Black men’s rights to safely invest in crypto, VP Harris’s Monday night speech mentioned blockchain zero times

by Casey Wagner&Ben Strack /