Episode Summary

In this week’s episode, we take a deep dive in the fascinating flash loan governance attack delivered on the Beanstalk Farms protocol Sunday. Then we dig into trending criticism on Axie Infinity’s play to earn model.

Intro

Welcome to I, Degen - Each week, we track down and explore the most exciting crypto stories. Hacks, scams, exploits, and anything that feeds our crypto curiosity.

Welcome degens! Come one, come all.

It’s been another epic week. We will go deep on the Beanstalk Farms attack and explore some growing criticism of Axie.

But first, let’s jump into our choice-picked weekly Degen headlines.

Degen Weekly

1. ETH Merge pushed back from targeted June to Q 3 2022 or later. Surprised?
2. ETH staking post merge will likely be lower than anticipated -Crypto Slate
3. Defi superstar Andre Cronje (CRON-YE) comes back after his 3rd rage quit and starts beating the crypto needs regulation drum - The Defiant
4. “Ethan Gach with Kotaku says” Crypto Gaming “Landlords” upset they can’t keep exploiting all the players. Diminishing returns of the play to earn game Axie infinity and showing that the long term model of some of the guilds is unsustainable long term. - Kotaku
5. New phishing attack that involves google ads… TradeDog on twitter says that over 4.31 MILLION has been exploited in this phishing attack - Tweet
6. Lazarus group, a North Korean based hacker group has claimed responsibility for the Ronin bridge attack. Last week we heard they might be responsible but this week it seems they are fully taking ownership of this insane hack - Cryptured
7. US House Democrats Call for Scrutiny on Crypto Mining as Environmental Threat

U.S. Rep. Jared Huffman (D-Calif.), who leads a subcommittee within the House of Representatives’ Natural Resources Committee, has recruited almost two dozen Democratic colleagues to urge federal environmental officials to devote further scrutiny to the consequences of cryptocurrency mining. - Coindesk

Degen Deep Dive

Beanstalk Farms Flash Loan Governance Attack

TLDR: On April 17th, 2022 an attacker used a barrage of flash loans to purchase a majority of BEAN tokens, the native governance token for Beanstalk Farms. Using this temporarily loaned voting power allowed them successfully pass an emergency governance proposal that drained the protocol of 76M in assets, sent 250K of the stolen money to the Ukraine War Fund, and sent the price of the stable BEAN tumbling.

Who:
victim: bean.money aka Beanstalk

Beanstalk is a decentralized and transparent solution to DeFi’s endemic stablecoin supply shortage. It was designed from first principles to be a paradigm-shifting DeFi primitive that makes decentralized, cost-efficient stablecoins available to anyone with an internet connection.Beanstalk was initially launched in August 2021 with just 100 Beans and has never taken traditional funding. Over the last eight months, Beanstalk organically grew to $100M in market cap, attracting $144M in long term-incentivized liquidity.

• Beanstalk: The Path Forward

From the whitepaper:

To date, flawed st