Crema Finance: Faulty Account Owner Validation — Fake Tick Account Injection
Crema Finance lost $8.8M when an attacker created a fake Solana tick account with fabricated price data, tricking the protocol into paying millions in illegitimate LP fees.
Summary
Crema Finance, a DEX / concentrated liquidity AMM, suffered an exploit on 2022-07-04, resulting in a loss of approximately $9M.
What happened
Crema Finance lost $8.8M when an attacker created a fake Solana tick account with fabricated price data, tricking the protocol into paying millions in illegitimate LP fees.
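The owner check named in the title, as an added Rust example that is not Crema Finance's code. It is a simplified, std-only model of a Solana account in which `AccountInfo`, `TICK_TAG`, `PROGRAM_ID`, the `fee_data` field and the 9-byte layout are all assumptions made for illustration. It shows a loader that trusts any well-formed bytes beside one that verifies the account's owner first.

```rust
// Added illustration, std only. Types and layout are hypothetical, not Crema's.
type Pubkey = [u8; 32];
const PROGRAM_ID: Pubkey = [7u8; 32]; // constructed stand-in for the AMM program id
const TICK_TAG: u8 = 0x54;            // hypothetical account-type tag

struct AccountInfo { owner: Pubkey, data: Vec<u8> }

#[derive(Debug, PartialEq)]
struct Tick { fee_data: u64 } // hypothetical field feeding the fee calculation

#[derive(Debug, PartialEq)]
enum TickError { WrongOwner, BadTag, Truncated }

// Assumed layout: [tag: 1 byte][fee_data: u64 little-endian].
fn parse_tick(data: &[u8]) -> Result<Tick, TickError> {
    if data.len() < 9 { return Err(TickError::Truncated); }
    if data[0] != TICK_TAG { return Err(TickError::BadTag); }
    let mut raw = [0u8; 8];
    raw.copy_from_slice(&data[1..9]);
    Ok(Tick { fee_data: u64::from_le_bytes(raw) })
}

// Weak: any account whose bytes parse is accepted, whoever wrote them.
fn load_tick_unchecked(acc: &AccountInfo) -> Result<Tick, TickError> {
    parse_tick(&acc.data)
}

// Hardened: on Solana only the owning program can write an account's data,
// so the owner field is checked before the contents are trusted.
fn load_tick_checked(acc: &AccountInfo, program_id: &Pubkey) -> Result<Tick, TickError> {
    if acc.owner != *program_id { return Err(TickError::WrongOwner); }
    parse_tick(&acc.data)
}

// Constructed sample account for the demo and test.
fn sample_account(owner: Pubkey, fee_data: u64) -> AccountInfo {
    let mut data = vec![TICK_TAG];
    data.extend_from_slice(&fee_data.to_le_bytes());
    AccountInfo { owner, data }
}

fn main() {
    let foreign = sample_account([9u8; 32], u64::MAX); // not owned by the program
    let genuine = sample_account(PROGRAM_ID, 42);
    println!("unchecked(foreign) = {:?}", load_tick_unchecked(&foreign));
    println!("checked(foreign)   = {:?}", load_tick_checked(&foreign, &PROGRAM_ID));
    println!("checked(genuine)   = {:?}", load_tick_checked(&genuine, &PROGRAM_ID));
}
```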
Linked factors
- RD-F-099 — illustrative: Oracle price deviation > X% from secondary source — RT signal would have fired [via realtime_signals/Oracle anomaly: Y — tick account data (price data used for fee calculation) was fabricated; a monitoring system comparing tick account owner validity agains...]
- RD-F-111 — causal: Team doxx status — pseudonymous-no-track-record class [via dashboard_risk_factors/Team anonymity: Unknown]