A DeFi trading platform on the Solana blockchain, Mango Markets, is looking into a hack wherein it lost approximately $112 million in digital assets. The hacker managed to drain the platform of funds by using a technique called oracle price manipulation. The attacker made off with various digital assets, mostly stablecoins including $53.7 million in USD Coin (USDC) and $3.2 million in Tether (USDT), as well as Solana (SOL).
The hacker(s) proposed to return a portion of the stolen funds – Marinade staked Solana (MSOL), a staking derivative, native SOL, and the platform’s very own MNGO governance token. And the rest will be kept as a bounty. But this will only happen if Mango’s DAO community votes “yes” on the hacker’s proposal.
The attacker wrote on the protocol’s governance forum that by accepting the proposal, mango token holders agree to pay this bounty and pay off the bad debt with the treasury and abandon any potential claims against accounts with bad debt. The protocol will not pursue any criminal investigations or freezing of funds once the tokens are sent back. Moreover, the hacker requested Mango to use its treasury stash of 70 million USDC to repay bad debt. The debt came about in June when the Mango community teamed up with another Solana-based lending and borrowing protocol Solend. It was to tackle a systemic risk caused by a single large borrower, at risk of liquidation that put the Solana DeFi ecosystem in jeopardy.
The hacker also wants the Mango DAO to not pursue any criminal investigations or freeze the funds via centralized stablecoins like USDC and USDT – once the crypto assets are returned. So far, Mango DAO members have voted in favour of the hacker’s proposal – a 99.9% yes rate from around 33 million MNGO tokens.