Nirvana Finance: Flash Loan + AMM Price Manipulation (Treasury Drain)
Nirvana Finance, which claimed its ANA token "cannot go to zero," was drained of $3.5M via a $10M Solend flash loan that inflated ANA 3x before the treasury was cashed out at the fake price — NIRV and ANA then crashed ~90%.
Summary #
Nirvana Finance suffered a Algorithmic Stablecoin / Treasury Protocol on 2022-07-28, resulting in a loss of approximately $4M.
What happened #
Nirvana Finance, which claimed its ANA token "cannot go to zero," was drained of $3.5M via a $10M Solend flash loan that inflated ANA 3x before the treasury was cashed out at the fake price — NIRV and ANA then crashed ~90%.
Linked factors #
- RD-F-004 — causal : Audit count likely 0; floor display [via dashboard_risk_factors/Vulnerability in audited or unaudited code: Unknown — likely unaudited given "automatic audit" claim]
- RD-F-006 — causal : Audit-deploy gap — alternate field name [via dashboard_risk_factors/Code newly deployed/upgraded?: Yes — recently launched]
- RD-F-007 — related : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: Unknown]
- RD-F-076 — related : Protocol age (Cat 5 — < 6 months age signal) [via dashboard_risk_factors/Protocol age: Very new — launched weeks before hack]
- RD-F-099 — illustrative : Oracle price deviation > X% from secondary source — RT signal would have fired [via realtime_signals/Oracle anomaly (Y/N): Y — ANA price manipulation via flash loan]
- RD-F-100 — illustrative : Flash loan > $10M origination — RT signal [via realtime_signals/Unusual borrowing (Y/N): Y — $10M flash loan from Solend]
- RD-F-111 — causal : Team doxx status — pseudonymous-no-track-record class [via dashboard_risk_factors/Team anonymity: Anonymous / pseudonymous]