Platypus Finance: Flash loan + emergencyWithdraw() solvency check bypass — collateral withdrawal without repaying borrowed USP
Summary
Platypus Finance, an algorithmic stablecoin / stableswap AMM protocol, was exploited on 2023-02-16, resulting in a loss of approximately $9M.
What happened
Platypus Finance's USP stablecoin was drained of $8.5M just 10 days after launch because the emergencyWithdraw() function let an attacker reclaim collateral without repaying their loan — a logic inversion that a pre-launch audit would have caught.
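A simplified model of the flaw described above, with the flawed check beside a corrected one. This is an added example, not Platypus contract code. It assumes the solvency check was evaluated on the position as it stood before the collateral left, and the `Vault` class, its method names, the 95% borrow limit and all amounts are hypothetical.

```python
# Simplified model of a collateralized-debt vault (added example; all names
# and numbers are hypothetical, not Platypus contract code).
from dataclasses import dataclass
LTV_BPS = 9_500  # assumed borrow limit: 95% of collateral value

@dataclass
class Position:
    collateral: int = 0  # deposited collateral value, in whole units
    debt: int = 0        # stablecoin borrowed against it

class Vault:
    def __init__(self):
        self.positions = {}  # user -> Position

    def deposit(self, user, amount):
        self.positions.setdefault(user, Position()).collateral += amount

    def borrow(self, user, amount):
        pos = self.positions[user]
        if not self._solvent(pos.collateral, pos.debt + amount):
            raise ValueError("borrow exceeds limit")
        pos.debt += amount

    @staticmethod
    def _solvent(collateral, debt):
        return debt * 10_000 <= collateral * LTV_BPS

    def emergency_withdraw_flawed(self, user):
        pos = self.positions[user]
        # Flaw: solvency is evaluated on the position as it stands now, so an
        # open loan within the borrow limit passes and the collateral leaves.
        if not self._solvent(pos.collateral, pos.debt):
            raise ValueError("insolvent")
        out, pos.collateral = pos.collateral, 0
        return out

    def emergency_withdraw_fixed(self, user):
        pos = self.positions[user]
        # Fix: evaluate the position as it will be after the withdrawal.
        # With zero collateral left, only zero debt satisfies the check.
        if not self._solvent(0, pos.debt):
            raise ValueError("repay debt before withdrawing collateral")
        out, pos.collateral = pos.collateral, 0
        return out

def bad_debt(vault):
    """Debt left on positions that hold no collateral (invariant: 0)."""
    return sum(p.debt for p in vault.positions.values() if p.collateral == 0)
```

A check that `bad_debt()` stays at zero after every state-changing call is the kind of invariant a pre-launch test suite or fuzzer can assert against each withdrawal path.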
Linked factors
- RD-F-004 — causal : Audit count likely 0; floor display [via dashboard_risk_factors/Vulnerability in audited or unaudited code: Unaudited]
- RD-F-006 — causal : Audit-deploy gap — alternate field name [via dashboard_risk_factors/Code newly deployed/upgraded?: Y — USP stablecoin and associated collateral contracts newly launched]
- RD-F-007 — related : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: Unknown]
- RD-F-076 — related : Protocol age (Cat 5 — < 6 months age signal) [via dashboard_risk_factors/Protocol age: Protocol ~1+ year; USP only 10 days old]
- RD-F-077 — causal : Prior exploit count [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- RD-F-078 — causal : Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol] || Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- RD-F-079 — causal : Same-root-cause repeat exploit [via cross-hack: Factor 5: Second Exploit on Same Protocol]