Following a mining failure involving its stablecoin aUSD, Acala Network announced on Monday that it has resumed operations following a referendum to allow LPs to withdraw liquidity from the pool or unstake LP tokens.
The community referendum to restore the first phase of Acala operations has been passed and implemented.
LPs who choose to unstake LP tokens or withdraw liquidity on Acala now have the option to do so. https://t.co/yzvOz7zwxT
— Acala (@AcalaNetwork) September 26, 2022
In August, the misconfiguration of the iBTC/aUSD liquidity pool resulted in the wrongful minting of 3.022 billion aUSD, Drop its price below $0.01 from its USD-pegged price. Acala is a decentralized finance platform built on Polkadot (point) ecosystem.
The wallet addresses that received minted aUSD have been identified through on-chain tracking, resulting in the recovery of 2.97 billion aUSD misminted from 16 addresses. 35 other accounts were identified as having received 12.38 million erroneously minted aUSD.
according to In the incident report, 16 iBTC/aUSD LP contributors received misminting, some of whom repeatedly added more liquidity to the pool, claiming that more aUSD was misminted and causing more aUSD to be misminted. It states:
“As the pool imbalance increased, some of these users repeatedly exchanged more aUSD erroneous mints. They then moved large amounts of aUSD erroneous mints to other chains and CEXs connected to XCM.”
The cause of the incident “was a vulnerability in the DEX save code that is part of the incentive tray,” the company said, adding that it also announced a security roadmap to bolster the security of the Acala network.
The report revealed the full scope of the incident. A total of 3.022B aUSD errors were reportedly minted, 2.97 billion aUSD was found in the addresses of 16 identified LP contributors, and 12.38 million aUSD was found in the top 35 accounts that received a large amount of aUSD error minting Wrong coinage. Link to the account that got it. The remaining 52.068 million aUSD misminted, misminted exchange tokens and addresses involved in the incident were identified.