$$$ KPO and CZM $$$: DeFi - Risks and Dangers (I Lost 97% Overnight)

Monday, May 24, 2021

DeFi - Risks and Dangers (I Lost 97% Overnight)

The recent crypto crash has taken away all the profits from last month but the worst part of my experience so far is being exploited by a hacker causing me to lose 97% of my capital/investment for that particular token. When I decided to give DeFi a try, I expected myself to encounter some exploit/exit scam along the way but definitely not so soon! 

I am aware that exploit/bug is almost unavoidable so I try to put my money at the top platform/dapp (decentralized application) that has undergone audit(s) but when it happens, you just die without knowing how you died. PancakeBunny was exploited a few days ago and you can read more about it here - Community Notice: Post Mortem Analysis.

In my previous article (PancakeSwap and PancakeBunny), I mentioned that these platforms can provide high yield because the governance tokens (CAKE and BUNNY) are created out of thin air and given to us as a form of reward. Long story short, the hacker exploited/made use of a bug in the code to "print/create" 6.9 millions of BUNNY token which he/she then dumped it all on the market to exchange for other tokens (ETH and BNB) causing the price of the BUNNY token to fall significantly. By doing this, he/she managed to walk away with US$45 million (technically not yet, shall explain more later).

2 weeks back, I swapped 4.177 BNB @ US$662.11 (~US$2.7k) for 8.735 BUNNY which meant that I paid ~US$316.74 per BUNNY token. You can check out the actual transaction here.

Imagine the horror of waking up to see the price of your BUNNY token becoming just US$7.90 or US$2.7k becoming US$69. This is officially my worst loss and a very painful one. To be fair, I did my due diligence, PancakeBunny was one of the top 3 dapps/platforms in BSC in terms of TVL and it was "incubated" by Binance Labs with no major findings in their Haechi Audit. 

On the bright side, the Bunny Team came up with a "compensation" plan which is better than nothing. You can read about it here - Go Forward Plan. Technically, they can just close "shop"/declare bankruptcy and nobody can hold them accountable. lol. Anyway, I got to stick around for the next 90 days in order to claim/receive my "compensation". I would like to remain optimistic and hopefully, I can bring down my losses from 97% to 50%? Fingers crossed!

Moral of the story - Smart contract risk is very real. It can definitely happen anywhere, anytime. Will this experience deter me from DeFi farming? Not at the moment but it made me rethink my strategy/plan which is to convert more of these governance token to stablecoins rather than hold them forever. If you are planning to invest in crypto, make sure you invest what you can afford to lose (like me). Life goes on :)

To end it off, the interesting thing about the blockchain is that all transactions are visible/available to everyone and we can actually see/follow the trails of the hacker:

After swapping all the BUNNY to ETH, he/she bridge/ran off to the Ethereum network and was not spared from the crash too. The wallet/address now holds US$30 million of DAI (stablecoin) as compared to the reported US$45 million. The question now is how can he/she cash out that money? All I know is CEX is definitely not an option where KYC is required. ¯\_(ツ)_/¯ 

Stay safe in both the real world and the DeFi world!

Anyway, I have blogged about different ways to leverage crypto to build wealth for people with different risk appetites:
The safer approach using stablecoins
Risky approach but more hassle-free
Highest risk and you are on your own
- DeFi apps on Binance Smart Chain (BSC) such as PancakeSwap and PancakeBunny
- DeFi - Risks and Dangers (I Lost 97% Overnight)

On a side note, Futu's moomoo app attractive sign-up bonus (one free Apple Share besides other benefits) has been extended to 31st May 2021 (1500hr SGT)! Take a look at the latest benefits here.

Do like any of the following for the latest update/post!
1. FB Page - KPO and CZM
2. Twitter - KPO and CZM
3. Click here to subscribe using email :)
4. Instagram - KPO_and_CZM (Did you see those delicious food photos to the right --> Unfortunately, you can't see it on mobile.)


  1. Did you listen to people in SGDeFi channel and buy BUNNY tokens like they did?

    1. Hi, I am not in that channel and did not know of its existence but interestingly, what I did in that morning was to close my remaining small farms to purchase some BUNNY tokens. Don't think I will pump in more capital to BSC. Will just leave the CAKE and BUNNY to grow/die. My focus now is on Polygon/MATIC :)