GMX releases summary report on $40 million attack: compensation measures to be discussed, V2 is not affected

Odaily Planet Daily News GMX published a report on the X platform to summarize the reasons and follow-up measures for the attack of about $40 million on GMX V1 on the Arbitrum chain on July 9, which pointed out that after analysis by the security team, the attack originated from the reentrancy vulnerability of the OrderBook contract. Hackers used this vulnerability to manipulate the average price of BTC short positions, thereby significantly raising the price of GLP and arbitrage. The official has suspended transactions related to the Avalanche chain, confirmed that the V2 version is not affected, and will take measures such as disabling GLP casting and redemption and setting up a compensation pool. GMX reminds V1 fork projects to promptly repair similar risks. Next plan funding situation: There is about $3.6 million left in the GLP pool, which is reserved for open positions. The GLP fee for V1 on Arbitrum this week is about $500,000 (minus 30% allocated to GMX pledgers), which will be transferred to the DAO treasury for compensation. GLP minting and redemption on Arbitrum will be disabled (redemption disabled with 24-hour timelock). GLP minting on Avalanche will be disabled, but redemption will remain. V1 position closing on Arbitrum and Avalanche will be enabled, opening will be disabled to prevent the vulnerability from reoccurring. V1 orders on Arbitrum and Avalanche will be canceled. GLP remaining funds on Arbitrum will be allocated to a compensation pool for affected GLP holders. GMX DAO will discuss further compensation measures. It is recommended that all GMX V1 forks take immediate action to enable trading and minting of GLP-like tokens after repairs and audits.