Euler Finance suffered a flash loan attack, resulting in a loss of nearly 200 million dollars.
On March 13, 2023, the Euler Finance project suffered a flash loan attack caused by a smart contract vulnerability, resulting in a loss of approximately $197 million. The attacker exploited the missing liquidity check in the contract's donateToReserves function and carried out the attack through a sequence of operations.
Attack Process Analysis
The main steps of the attacker are as follows:
1. Borrowed 30 million DAI from a lending platform using a flash loan, and deployed two contracts, one for lending and one for liquidation.
2. Staked 20 million DAI into the Euler Protocol contract to receive 19.5 million eDAI.
3. Used Euler Protocol's 10x leverage feature to borrow 195.6 million eDAI and 200 million dDAI.
4. Used the remaining 10 million DAI to repay part of the debt, burned the corresponding dDAI, and then borrowed an equivalent amount of eDAI and dDAI again.
5. Donated 100 million eDAI through the donateToReserves function, then called the liquidate function to liquidate the position and obtain 310 million dDAI and 250 million eDAI.
6. Finally, withdrew 38.9 million DAI and repaid the 30 million DAI flash loan, for a net profit of approximately 8.87 million DAI.
Cause of the Vulnerability
The core of the attack lies in the absence of necessary liquidity checks in the donateToReserves function of the Euler Finance contract. Unlike other key functions such as mint, the donateToReserves function does not call checkLiquidity for user liquidity verification. This allows attackers to place themselves in a liquidatable state through specific operations and then complete the liquidation for profit.
Under normal circumstances, the checkLiquidity function calls the RiskManager module to ensure that the user's eToken balance always exceeds their dToken balance, which keeps the contract solvent. The donateToReserves function skipped this step, so donating collateral could push an account below the solvency threshold without being rejected, which is the root of the vulnerability.
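The following is an added teaching model, not Euler Finance's contract code, that shows why the missing check matters. It keeps a simplified ledger in which eToken is collateral and dToken is debt, and reduces the RiskManager's pricing logic to the bare invariant eToken >= dToken (an assumption; the real protocol applies collateral and borrow factors). The borrow path enforces the invariant the way the page says mint does; donate_to_reserves enforces it only when the check_on_donate flag is set, so the same scenario can be run against the vulnerable and the hardened behaviour.

```python
"""Simplified collateral/debt ledger illustrating a missing liquidity check.

Constructed teaching model, not Euler Finance's code. Invariant under test:
an account's eToken (collateral) must be >= its dToken (debt). The real
protocol prices collateral through a risk manager; 1:1 is a simplification.
"""
from dataclasses import dataclass, field


class LiquidityCheckFailed(Exception):
    """Raised when an operation would leave an account undercollateralised."""


@dataclass
class Account:
    etoken: int = 0  # collateral receipts
    dtoken: int = 0  # outstanding debt


@dataclass
class Ledger:
    accounts: dict = field(default_factory=dict)
    reserves: int = 0
    # False reproduces the vulnerable behaviour: donation skips the check.
    check_on_donate: bool = True

    def _acct(self, who: str) -> Account:
        return self.accounts.setdefault(who, Account())

    def check_liquidity(self, who: str) -> None:
        """Solvency invariant; stands in for the RiskManager call."""
        a = self._acct(who)
        if a.etoken < a.dtoken:
            raise LiquidityCheckFailed(
                f"{who}: eToken {a.etoken} < dToken {a.dtoken}")

    def deposit(self, who: str, amount: int) -> None:
        # Adding collateral cannot break the invariant, so no check is needed.
        self._acct(who).etoken += amount

    def borrow(self, who: str, amount: int) -> None:
        # Debt-increasing path: checked, like the page describes for mint.
        a = self._acct(who)
        a.dtoken += amount
        self.check_liquidity(who)

    def donate_to_reserves(self, who: str, amount: int) -> None:
        # Collateral-decreasing path: must be checked just like borrow,
        # otherwise the caller can push themselves below the threshold.
        a = self._acct(who)
        if a.etoken < amount:
            raise ValueError("insufficient eToken to donate")
        a.etoken -= amount
        self.reserves += amount
        if self.check_on_donate:
            self.check_liquidity(who)

    def is_liquidatable(self, who: str) -> bool:
        a = self._acct(who)
        return a.etoken < a.dtoken


def run_scenario(check_on_donate: bool) -> str:
    """Deposit, borrow near the limit, then donate collateral away.

    Returns "rejected" if the donation is blocked by the liquidity check,
    otherwise reports whether the account ended up liquidatable.
    """
    ledger = Ledger(check_on_donate=check_on_donate)
    ledger.deposit("user", 120)   # constructed sample amounts
    ledger.borrow("user", 100)    # 120 >= 100, passes the check
    try:
        ledger.donate_to_reserves("user", 50)  # would leave 70 < 100
    except LiquidityCheckFailed:
        return "rejected"
    return "liquidatable" if ledger.is_liquidatable("user") else "healthy"


def overborrow_is_rejected() -> bool:
    """Confirms the checked borrow path refuses to exceed collateral."""
    ledger = Ledger()
    ledger.deposit("user", 120)
    try:
        ledger.borrow("user", 130)
    except LiquidityCheckFailed:
        return True
    return False


if __name__ == "__main__":
    print("vulnerable donate:", run_scenario(check_on_donate=False))
    print("hardened donate:  ", run_scenario(check_on_donate=True))
    print("overborrow rejected:", overborrow_is_rejected())
```

The point of the model is the asymmetry the page describes: borrowing is checked, but in the vulnerable configuration a donation that reduces collateral by the same economic effect is not, so the account can be made liquidatable by its own owner. A review checklist for lending contracts should therefore list every function that moves collateral or debt, not only the obvious borrow and mint entry points, and confirm each one ends in the same liquidity check.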
Lessons and Recommendations
This incident once again highlights the importance of security audits for smart contracts. For lending projects, special attention needs to be paid to the following key aspects:
The project team should conduct a comprehensive security audit before launching to ensure that every function of the contract has undergone rigorous security checks. Additionally, continuous security monitoring and a bug bounty program are also effective measures to ensure the long-term security of the project.
Developers should also pay attention to consistency between functions, ensuring that key security checks (such as liquidity checks) are implemented correctly across all relevant functions. This covers not only the main functions but also auxiliary functions such as donations.
Finally, it is recommended that project teams and developers remain vigilant against emerging attack methods and regularly update security strategies to address the evolving threats to blockchain security.