The Truth Behind Yala's Anchor Removal: From Illegal Mortgages to Liquidity Extraction, a Carefully Planned Cicada Shedding Its Shell

CN
PANews
Follow
5 hours ago

According to the announcement, hackers stole 7.64 million USDC, and the team injected 5.5 million dollars of their own funds, obtaining additional liquidity through the Euler platform. By this calculation, the additional liquidity obtained through Euler is approximately 2.14 million dollars.

Here arises the first doubt: YU was minted by collateralizing YBTC, and obtaining 2.14 million dollars through Euler means that the protocol collateralized over 2.14 million dollars of YU on Euler, which must have at least over 3 million dollars of BTC as collateral behind it?

If this 3 million dollars of BTC belongs to the YALA team, why not directly exchange the BTC for U, instead of paying high interest rates to borrow from Euler?

I can think of two scenarios: ① The YU used for collateral on Euler does not have sufficient YBTC. ② The BTC corresponding to this YBTC does not actually belong to YALA (for example, some kind of drawer agreement).

The announcement also mentioned that some assets were exchanged for Ethereum before resuming trading, but the subsequent price drop, combined with the funds injected by the attacker, led to a decrease in the actual recovery value.

Here arises the second doubt: Based on the price of ETH at 3000U, the amount of funds that could be recovered from the hacker is approximately 4.9 million dollars, meaning that the recovered funds plus the 5.5 million dollars of their own funds exceed the 7.64 million dollar deficit. In this case, why was the project unable to obtain 2.14 million dollars in financing or bridge loans in other forms? After all, the project would be solvent after recovering the funds.

I can think of three scenarios: ① The project does not have a recovery plan, and the recovered funds will prioritize repaying their own funds. ② The project's financing credibility has deteriorated to the point where they cannot obtain additional funds, or losses in other areas far exceed 2.14 million dollars.

Next, further investigation into the data of YBTC reveals that 99% of YBTC is controlled by three addresses, which also means that 99% of YU is controlled by these four addresses, which we will temporarily name Address A - Address C.

Next, we will analyze the behavior of each address one by one:

Address A: Minted 39.35 million YU, repaid 17 million YU, with a net liability of about 22 million YU, and a balance of 2.4 million YU.

Address B: Minted 43.57 million YU, repaid 10 million YU, with a net liability of 33.57 million YU, and a balance of 2.77 million YU. Most of Address B's YU (about 30.15 million) flowed into contract 0x9593807414, which is Yala's Stability Pool, currently showing a total deposit of 32.8 million YU. This indicates that Address B is also completely normal.

Address C: Accumulated minting of 32.5 million YU, accumulated repayment of 33.3 million YU, and has already destroyed YBTC to retrieve BTC. All transaction activities are normal.

Clearly, the problem lies with Address A, so let's continue the investigation. The transactions of Address A are very complex, but overall, this address net minted 28 million YU and obtained additional YU through other addresses, most of which have already flowed out to various protocols.

From Dabank, we can see other interesting data; this address has collateralized a large amount of YU and PT, borrowing a total of 4.93 million dollars in USDT and USDC from Euler. Clearly, these three loans have substantially defaulted after YU dropped to 0.15 dollars.

Twelve days ago, this address used a small amount of U to purchase YALA and made partial repayments to Euler.

Considering the team's mention of "injecting 5.5 million dollars" and obtaining additional liquidity through the Euler platform, it is very likely that this address is the team's operational address, and we now know that the team obtained approximately 4.9 million dollars in liquidity from Euler.

Here is a dividing line; the above is objective data and facts, and the following content is my speculation, which may not be accurate.

(1) YALA obtained about 500 illegal YBTC in some way (which means YALA does not have substantial control over the corresponding 500 BTC) and used these 500 YBTC to mint 28 million YU (let's temporarily call this illegal YU).

These illegal YU may have been used for other purposes in the past, such as obtaining airdrops, providing DEX liquidity, or depositing into Pendle, but that is not important.

I believe the reason these 500 YBTC are illegal is simple; if you have 50 million dollars of BTC at your disposal, you would not take on high-interest loans for a funding need of 7.64 million dollars.

(2) After the hacker stole 7.64 million USDC, YALA used a portion of the illegal YU to obtain a loan of about 4.9 million dollars from Euler while also providing some of their own funds, attempting to get the protocol back on track.

One issue here is that the claimed 5.5 million dollars of self-funds plus 4.9 million dollars of illegal loans exceeds the 7.64 million dollar funding gap, and there are many potential possibilities, such as the 5.5 million dollar figure being exaggerated or a portion of the Euler loan being returned to the provider of the 5.5 million dollars.

(3) After the hacker was caught, due to some factors, the recoverable funds were far below 7.64 million dollars, for example, the previously mentioned 4.9 million dollars (considering the disposal process, the actual recoverable funds are even lower). In this case, the YALA protocol would still bear a loss of over 2.7 million dollars.

In this situation, Address A chose to default, shifting the loss onto Euler, but at the cost of the YALA protocol going bankrupt and ceasing operations.

(4) Who is the instigator? As previously mentioned, over 99% of YALA and YU are controlled by three addresses (plus one bfBTC depositor), among which Addresses B and C have no net inflow or outflow of YU, and they are unrelated to the entire matter.

The BTC depositor would also not incur losses; they only need to repay YU and retrieve their BTC. The losers are the holders of YU and its derivative assets, as well as the depositors of Euler.

And this money flowed to Address A, with the ultimate beneficiaries being the YALA team, who shifted the losses onto the users, and even if the team embezzled the 4.9 million dollars from judicial disposal, they could still profit from it. Of course, all of the above is based on the assumption that Address A belongs to the YALA Team.

免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。

Share To

Related Articles

avatar
avatar律动BlockBeats
15 minutes ago
机器人产业畅想:自动化、人工智能与Web3的融合进化
avatar
avatarPANews
21 minutes ago
从早期信念到资本形成的全链路:互联网资本市场的四个阶段
avatar
avatar深潮TechFlow
27 minutes ago
Behind the recent frequent decoupling of stablecoins: the industry has not learned lessons from history.
avatar
avatarOdaily星球日报
28 minutes ago
Popular Interaction Collection | Moonbirds Badge Collection; Zaiffer adds Galxe tasks (November 19)
avatar
avatar深潮TechFlow
35 minutes ago
Kraken raised $200 million, with a valuation reaching $20 billion, and Citadel Securities has taken a stake.
APP

X

Telegram

Facebook

Reddit

CopyLink