A single mistake in DeFi can have permanent and very expensive results as the creators of a Solana-based protocol discovered this week.
Options-trading decentralized exchange OptiFi announced on Monday that it had accidentally closed down its program on Solana’s mainnet, which means that all funds within the app are now permanently inaccessible. The damage? Some $661,000 worth of USDC stablecoin in total.
“We had an update to our Solana program code, so our deployer tried to upgrade the OptiFi program on Solana mainnet,” the team wrote in a postmortem report. “However, we accidentally used the ‘Solana program close’ command, resulting in our OptiFi program on mainnet being unfortunately closed.”
OptiFi's program has been closed by mistakes we made.
1. We accidentally closed the OptiFi mainnet program and it's not recoverable
2. 661k USDC is locked in the PDAs, luckily 95% of the fund is from our team member
3. We will compensate for all users’ funds
— OptiFi (@OptifiLabs) August 29, 2022
OptiFi has promised to reimburse all users’ funds, but noted that about 95% of the inaccessible crypto funds were held by a member of the team. The refund process will take up to two weeks to complete, the team wrote. In the post, the creators detailed the process by which its developers accidentally closed off access to the program.
“OptiFi’s team will learn from this harsh lesson and keep on building for everyone who trusts us,” it tweeted. “[Sincere] apologies to all the users [who] put faith in us and got affected by our mistakes.”
While OptiFi’s team took responsibility for the mistake that led to the program being permanently locked, it also offered suggestions to Solana’s core developers to help others avoid a similar fate. The team wants more official documentation about the “Solana program close” command, plus an extra confirmation step for app developers before confirming the instruction.
OptiFi—which had just launched on mainnet earlier this month—apparently plans to deploy a new version of its program, and said that it will use a peer-surveillance system to ensure that at least three people are involved with any future blockchain actions. According to its post, the team hopes that such a system will minimize impatient actions and further mistakes.
“Every deployment needs a rigorous process and single-point failure can be avoided,” OptiFi’s team wrote in all caps. “Please don’t rush like what we did, especially for DeFi projects.”