Feds Coming For DEFI!? Most Important Crypto Case of 2023!!

Recently an arrest took place that could Have long-standing implications for the Crypto industry and no I'm not talking About SPF or indeed anything related to FTX I'm talking about the arrest of avraham Eisenberg the guy behind a trading Strategy that attacked the mango markets Exchange however unlike in the case of FTX the illegality of this attack isn't As clear-cut so today I'm going to tell You everything you need to know about The case and its potential regulatory Implications for all of D5 stay tuned Folks you don't want to miss this one Foreign Before we can look at the case and its Implications we have to take a look at Exactly what happened at mango markets So for those unfamiliar manga markets is A decentralized Futures exchange built On Solana it basically allows users to Trade derivatives instruments like Perpetual Futures which are tied to the Spot performances of some other Cryptocurrency it's governed not by a Centralized liquidation or deleveraging Engine but by smart contracts that are Built on Solana as is the case with most Decentralized applications governance Decisions about the protocol are made Through a decentralized autonomous Organization or doubt anywho on the 11th Of October at about 10 o'clock GMT the

Exchange was hit with an oracle Manipulation attack it went like this There were two accounts on Mango that Were each funded with about five million Dollars in usdc one of the accounts Offered to sell a large amount of Perpetual contracts in mango usdc to the Other account So the buying account had a long mango Per position of about 483 million mango Tokens it would benefit greatly should There be a rally in the spot price of Those mango tokens and that is exactly What happened just after this position Was created on Mango markets the Underlying price on Mango usdc spot Pairs on two exchanges FTX and ascendex Saw a 5 to 10x spike in price now this Is important because the manga markets Protocol gets its spot pricing data from Two oracles namely pith and switchboard For those who aren't defy degens and Oracle is just a service that will Provide off-chain data stuff like prices To on-chain Applications one of the most Well-known oracles on the ethereum Network for example is chain link So given that pith and switchboard both Aggregate centralized exchange pricing To update their pricing feeds they got The massive spike in the price of mango The manga markets exchange was basically Told by the oracles that the spot price Of the mango token was 15 cents this

Meant that there was a massive increase In the mark to Market profit on the One Account that was long the mango perps According to the mango markets protocol This account was therefore viewed as Having a lot of collateral 190 million Dollars worth in total this collateral Could be used to take out loans from the Protocol and that is exactly what the Attacker did he borrowed 110 million Dollars in a number of different tokens Including wbtc msol Seoul usdt and usdc These funds were then sent to the Attacker's wallet obviously with the Intention of never paying them back this Drained the mango lending pool and once The tokens were safely withdrawn the Attacker sold all that mango he had Bought on the centralized exchanges back For usdc this of course led to the price Of mango collapsing again and making That account on Mango markets with the Highly profitable position instantly Unprofitable the collateral in the Account was now worth almost nothing so A liquidation of that galateral would Not have been able to collateralize the Mango markets lending pool so in the end The attacker drained funds from the Lending pool on Mango markets funds that Were owned by the other users that is Lenders on the exchange so that is how The attack took place now believe it or Not but Oracle manipulation attacks are

Actually quite common in D5 and in the Past have been carried out on ethereum Product articles with flash loans it's Also one of the reasons why oracles need To have extremely robust pricing data Now of course none of that was much Consolation for the lenders that is the Users of mango markets program Instructions were frozen to prevent Users from further accessing the Protocol This included deposits and withdrawals But it was all too late However the users didn't have to wait Too long to find out who was behind the Hack not because the feds were Immediately onto him but because he Bragged about it on Twitter A few days after the attack avraham or Avi Eisenberg tweeted that he was Involved in a quote highly profitable Trading strategy on Mango markets he Also said quote I believe all of our Actions were legal open market actions Using the protocol as designed even if The development team did not fully Anticipate all the consequences of Setting parameters the way they are bold Strategy cotton Now it turned out that Avi wasn't new to Shady shenanigans on the blockchain it Was also revealed that he was behind the Fortress Dow exploit now I won't go into That here but I'll leave a link to this

Handy blog post that details it However Avi did appear to show some Remorse over the mango markets attack More specifically he said that he felt Sorry about the fact that his exploit Had drained the protocol and made his Insolvent hence he was doing The Honorable thing and beginning Negotiations with the Dow in order to Return some of the funds now there were Ulterior motives for this which I'll Touch on in a bit anywho after a few Dow Votes an agreement was eventually Reached which would see 67 million Dollars returned part of the agreement Was that they would not come after Avi For the remaining funds so it could be Seen as a bounty and that they would not Press criminal charges hmm Now of course it was a bold move by Avi To openly admit and brag about the fact That he had manipulated the protocol and Taken the funds and there were many who Pointed out to him that this was in fact A crime as it was Market manipulation a Form of fraud and yes although he may Have got some sort of an agreement where Users agreed not to pursue him Criminally the U.S Department of Justice Was not party to that agreement It's also worth noting that Avi perhaps Didn't feel all that comfortable with The legality of his trading strategy Because a day after the attack he fled

To Israel something that was disclosed In the charging document more on that in A bit too However once Avi had managed to return The 67 million dollars to the doubt he Felt comfortable enough to head back to Puerto Rico and bask in the glory of his Newfound d-gen notoriety not only did he Continue to post on Twitter and do Interviews about the exploit but he also Attempted further attacks on other Protocols such as Ave however this all Stopped on the 27th of December when it Was announced that he had been arrested In Puerto Rico and those aforementioned Charging documents were unsealed now I've linked to them below and I Encourage you to read through them Yourself to get a better sense of the Charges against him but they include one Count of commodity fraud and one count Of commodity manipulation not a massive Surprise there the document also details The exact specifics of the attack now While I covered the Crux of this earlier There were a few other juicy details Disclosed for example the agent traced The crypto to a circle account that was Kyc'd in avi's name some of this usdc From this circle account was used to Fund the mango markets account but a Much larger allocation was sent to the Two exchanges which manipulated the spot Market one of these exchanges was kyc'd

To a Ukrainian lady however the agents Later discovered that the Gmail account That was used to register had a backup Email and phone number connected to Avi The agent also referred to avi's Twitter Account and specifically took issue with The statements that were made about that So-called profitable trading strategy he Had embarked upon Something else picked up on meanwhile Was a post just two months before the Mango Mark attack in it Avi sent a tweet That linked to doj charges against Others who were involved in manipulation In the FX Market they were charged under The commodity exchange act the same act Being used to bring charges against Avi So Avi clearly knew that market Manipulation was illegal perhaps he Didn't think that the crypto assets that He was manipulating were Commodities but According to the agent in charge the Usdc was and given that he manipulated Perpetual Futures read swaps this is Clearly Market manipulation according to The commodity exchange act anyways when It was announced that Avi had been Arrested the general consensus on crypto Twitter was that he well got what he Deserved that he manipulated the market And attempted to steal the funds of Users he also didn't really help himself With his attitude after the attack However whether he deserved it or not

Isn't the question the question is what Could this mean for defy and does it Make protocols more or less safe Now a well-worn saying in the crypto Space is code is law meaning that as Long as users of a protocol are using The code AS intended well it should be Lawful in avi's case it was not an Exploit of the code he didn't find a bug That he used to exfiltrate funds he used The mango markets protocol as was Intended with open market operations the Price moved because of his large buys The oracles updated the price and Mango's protocol allowed him to take out Those loans this is the same argument That Avi made in an interview with Laura Shin this wasn't part of a bounty that He was seeking as this was not a Malicious exploit I'll also add that Avi Wasn't the first person to manipulate Oracles with open market operations and Claim that it was lawful almost exactly A year ago a Canadian teenage math Savant exploited indexed Finance another D5 protocol after the exploit he came Onto Twitter to seek a lawyer who would Defend him as far as I know he's being Pursued civilly and the case is working Its way through the Canadian courts However what the doj has shown us is That they can very easily get around the Code AS law argument by applying Existing Market manipulation laws to

Assets that they view as either Securities or in this case Commodities Anyone who intentionally manipulates the Price of a crypto asset on the Blockchain could therefore be in the Crosshairs of the authorities this Significantly increases the risk that Comes from trying to exploit these Arbitrage opportunities some may say That this is a good thing that it deters The kind of actions that Avi took and Prevents future losses but there are Some severe side effects that come with This and they could be worse than the Original sickness itself allow me to Explain While the actions that RV took weren't For anyone's benefit but his own they Did have ancillary benefits for mango And the broader defy ecosystem for mango It highlighted the fact that their Oracles were subject to manipulation and That their liquidation of collateral Assets was not sufficient to Stave off The shortfall these were painful lessons To learn but the users did get their Funds back and as a result the mango Markets protocol will Implement measures That will make it more robust and secure In the future indeed in response to the Mango attack other protocols such as Ave And compound Finance implemented a Number of risk mitigation proposals in The case of Ave these measures helped to

Prevent RV's later attack on that Protocol who knows how much could have Been lost and the impact that it could Have had if he'd been successful there Too the point is that there is a very Real need for white hat hackers in the Crypto base who test the robustness and Security of large D5 protocols no RV is Not a white hat hacker who we should be Praising but there's no indication that The doj won't go after real white hats Should they attempt similar actions even If they give all the funds back the case Can be made that they knowingly Manipulated a market so would this deter Other white hats even if dapps Explicitly have a bounty scheme it's Hard to claim that Bounty for something Like Oracle manipulation without Actively trying to manipulate said Oracle so even if a white hat claims a Bounty for an obvious flaw there's no Guarantee the feds won't come knocking Remember part of the agreement for Turning over the 67 million dollars was That manga markets would not pursue Avi In the courts that agreement meant Nothing to the doj and it shows that They could view similar agreements with Other hackers in the same light does This mean that protocols and dapps that Have a fundamental flaw could grow much Larger and more vulnerable a flaw that Could then be exploited by North Korean

Hackers for billions instead of hundreds Of millions remember criminals don't Care about breaking the law and when You're part of a state-backed hacking Group The more laws you break the bigger The payoff I'll also remind you that North Korean hackers are not the kind of Chaps to return any funds or claim any Bounty it's just not their MO So the point is that in order to make Sure that these D5 Protocols are robust And secure against bigger threats where More money is involved they have to be Put through the ringer open source code Needs to be vetted and tested rigorously Before it should be allowed to grow to The point where a lot of damage can be Done As another example we can take a look at What happened with Terror and UST back In May 2021 when much less money was Invested UST also suffered a deepeg however Thanks to a bailout from jump crypto it Was able to get back to its one dollar Peg now that in my opinion and of course With the benefit of hindsight was a bad Mistake if UST had been allowed to Continue to de-peg then it would have Shown the crypto Community how flawed The mint and burn mechanism was it would Have clearly Illustrated that something Needed to be fixed before the protocol Got any bigger however that didn't

Happen and as a result a much more Devastating crash played out almost a Year later that wiped out billions upon Billions of dollars in value it's also Directly linked to the collapse of a Number of C5 lending firms and hedge Funds and could ultimately have been the First Domino that eventually Precipitated the collapse of Alameda and FTX speaking of which I would counter That those large centralized firms are The greatest damage that's been done to The crypto space while defy has seen its Fair share of hacks and exploits the Mere fact that it is transparent and Open for all to verify means that it's Incorruptible there was no way to test The robustness of ftx's order books or Reserves because they were hidden from Sight by deploying an open source smart Contract on a blockchain you're opening Yourself up to more scrutiny and attacks Than you would if you were opening a Centralized exchange however everyone Can see how secure or unsecure your dap Is and no one needs to trust you to use It open and robust Defy is the future we Need how do we go about securing that Future Well that is open for debate Okay time for a few closing thoughts It's clear that what Avi did was illegal By the letter of the law he manipulated A swap agreement linked to a commodity

This is Commodities manipulation and Fraud it contravenes the commodity Exchange act and hence it's no surprise That the authorities came after him I Also don't think that he's a hero in This story he made it clear that he Didn't view it as illegal and only Offered to give some of the money back I'll also remind you that he was behind The Fortress Dow rug a few months before That leaving users holding the bag once Again he made choices in both of these Cases and he's likely to suffer the Consequences perhaps you'll also learn That bragging about committing crimes is Not a plus EV trade but be that as it May there will be side effects that come From this action and the hope is that These side effects are not worse than The disease itself defy can only succeed In the long term if we have robust Secure and trustworthy code in place It's hard to achieve those ends without The rigorous scrutiny that comes from White hat hackers and the open source Community you can never know how code Will perform in all real world Eventualities and by disincentivizing These white hats we're making the Protocols more susceptible to larger and Less forgiving foes this doesn't mean That we shouldn't hold people Accountable for Market manipulation in Crypto however

But it does mean that there needs to be Clear laws in place that protect Legitimate white hat Hackers from Prosecution there needs to be a line Drawn between those who engage in Malicious attacks and those who want to Play by the rules I also think that Regulators should be spending more of Their time and resources on weeding out The bad players in the C5 space it's Shocking to think that FTX was operating One of the biggest frauds in crypto Right under the noses of Gary Gensler And everyone else in DC granted it was a Good facade but it was a facade that Could easily have been exposed had it All been on chain in the end regulating Defy will be a hot button topic for Years to come but if there are rules of The road that can legitimately restrict Bad actors from engaging in bad actions Then I for one am for them just as long As they don't come at the expense of Broader growth for the entire sector and That's it for my video today folks but I'm Keen to get some feedback from you Fine people so do you think Avi deserve To be arrested do you think that there Should be some rules in D5 let me know In the comments and if you enjoyed this Video you know what to do hit that like Button subscribe button and Bell icon Too also if you're looking for some of The best promos and discounts in the

Crypto space then my deals page is where You must go exclusively for the viewers Of this channel yo all of that is linked To below okay that's it the end of the Video so till next time stay cool stay Safe and stay crypto [Music]