Helio protocol had a total value locked of approx. $90 million before the incident.
According to a Twitter post dated Dec. 7, stablecoin protocol Helio, which issues the HAY stablecoin pegged against the U.S. dollar, said that the firm had bought back $3 million worth of bad debt in HAY thus far in the open market. The day prior, blockchain infrastructure platform Ankr stated it would allocate $15 million to buy back the bad debt resulting from its recent exploit and the resultant over-circulation of HAY.
A series of seemingly unrelated incidents occurred on Dec. 2 when a hacker manipulated vulnerabilities in Ankr’s smart contract code and compromised private keys after a technical upgrade. As a result, the hacker minted 20 trillion Ankr Reward Bearing Staked BNB (aBNBc) tokens, which was pegged to the BNB token (BNB), and dumped them as the price of aBNBc plunged to less than $2 from around $300.
However, a trader then took advantage of an alleged hard-coding of pegged prices between aBNBc and BNB on the Helio protocol. The trader bought 183,885 aBNBc with only 10 BNB and used it as collateral to borrow 16 million HAY, which was then swapped for 15.5 million Binance USD, earning a 5,209x profit from their original capital.
2/ Firstly, the team has already started our peg recovery process for $HAY, and this process is expected to be completed by Tuesday, December 6th UTC +4.
We expect HAY to be re-pegged, or at the very least, be close to the $1 mark.
— Helio Protocol ($HAY) (@Helio_Money) December 4, 2022
Subsequent to the exploit, HAY lost its peg and fell to as low as $0.20 per coin before recovering most of its losses and is now trading at $0.96 at the time of publication. Immediately after the incident, the Helio team stated that it would be repurchasing the excess HAY and sending it to a burn address. Originally, users were able to mint HAY by depositing BNB as collateral at a ratio of 152%. The protocol had a total value locked of around $90 million before the incident.