Radiant Capital, a prominent DeFi lending protocol, has decided to cease all operations owing to a prolonged period of financial strain. The Arbitrum-based lending protocol announced the decision to its communty on Monday — 18 months after it was hit by a major exploit that had led to the drain of $50 million from its network.
Radiant, on Monday, said that the protocol will now be entering its maintainence mode wherein the frontend will continue to function and on-chain smart contracts would remain accessible. Users, meanwhile, will be able to withdraw, repay, and manage positions.
“The DAO no longer has a viable path forward. No meaningful recovery of funds, no new capital, no runway to continue operating responsibly. This is not the outcome anyone hoped for,” the protocol said annoucing the sunset on its operations.
Revisiting Radiant’s hack(s)
Between January and October 2024, Radiant Capital was hit with not one, but two exploits.
In January 2024, a flash loan attack drained around 1,900 ETH from the network — which at the time amounted to $4.5 million from a newly created native USDC pool. As part of this attack, the attacker used a zero-collateral, single-transaction loan to borrow a big amount of crypto, manipulate the protocol’s price oracle, and drain its distorted liquidity pools for a profit.
While Radiant was trying to recover this amount, in October 2024, it was hit by the second, more potent attack. Hackers were able to steal over $50 million from the protocol after using a malicious contract to gain unauthorized backdoor access that time.
The platform failed to recover funds lost to both of these attacks leaving it under financial distress.
“Over the past months, contributors and the community continued to operate under increasingly difficult conditions, working to support users, maintain the protocol, and pursue recovery. That effort was real. But effort alone is not enough without recovery, capital, or growth,” Radiant’s post on Monday noted.
What lies ahead
Radiant said it will now stop rolling put upgrades and expansions to the network. To the community members, it strongly suggested a reduction in exposure with the protocol and stringent risk management while engaging with what’s left of the protocol.
The protocol’s onchain infrastructure and some support across channels will remain active for a while. An exact date of its operations going totally dark was not specified in the announcement.
However, the protocol is still not giving up on its recovery efforts, it said.
Forensic tracking of the stolen funds will remain active along with the remediation portal. If any of the funds are recovered, the impacted users would be returned their funds.
“Recovery in these situations is uncertain and often long. But the process remains ongoing. Radiant is sunsetting because the conditions required to operate are no longer present. But it is fair to say everything possible was done,” the platform said in its parting note.
Radiant’s decision to pull the shutter on its operations comes just weeks after another exploited DeFi protocol chose the same path. Following a massive $285 million exploit on April 1, Drift Protocol decided to put a temporary halt to its operations. It remains unclear when exactly will the DeFi service re-launch its operations.
Owing to deep links with Drift, Solana-based yield aggregator Carrot decided to shut its operations in April. It had lost $8 million from its total value locked because of Drift’s attack.