Sentiment, an undercollateralized lending protocol, appears to have been exploited on April 4 for over $500,000 in crypto. Ethereum blockchain data shows a transaction that transferred 536,738.410031 USD Coin (USDC) from the Synapse Bridge, and this links up with a series of Arbitrum transactions draining coins from the Sentiment protocol. The wallet performing the attack has been labeled “Sentimentxyz Exploiter” by Arbiscan, and the Sentiment team has announced on Twitter that they are aware of a “potential issue” with the protocol.The Sentiment team has recently been made aware of a potential issue concerning the Sentiment protocol. We are actively looking into the situation and will provide additional information momentarily.— Sentiment (@sentimentxyz) April 4, 2023
Twitter user Officer’s Notes has suggested that this may be a reentrancy attack. The user relied on research done by @FrankResearcher to come to this conclusion.The Sentiment team has not yet stated what steps are being performed to stop the attack or what users should do to mitigate risk.This is a developing story, and further information will be added as it becomes available.