Era Lend

Era Lend operated as a decentralized lending application built on the zkSync network, a Layer 2 scaling solution for Ethereum. Its core service facilitated cryptocurrency lending and borrowing, allowing users to deposit assets as collateral to generate liquidity or earn interest. The platform's integration with zkSync positioned it within the broader decentralized finance (DeFi) ecosystem, targeting users seeking efficient and lower-cost transactions compared to the Ethereum mainnet. The specific markets served and the full scope of its user base are not detailed in the available information. A defining event in its operational history occurred on July 25, 2023, when the protocol suffered a significant security breach. An attacker exploited a vulnerability in a smart contract, executing a read-only reentrancy attack that resulted in the theft of approximately $3.4 million. This method involved manipulating the contract to report outdated, incorrect values, which the attacker then used to illegitimately drain funds from the protocol's reserves. The incident also had a collateral impact, affecting the stablecoin USDC+ issued by Overnight Finance, indicating interconnected risks within the DeFi landscape.

The attack underscored critical smart contract security challenges prevalent in DeFi, particularly the dangers of reentrancy flaws even in environments like zkSync. In direct response to the exploit, the Era Lend development team took the emergency measure of pausing all of its contracts on the zkSync network. This action was a standard mitigation step intended to immediately halt all further potential outflows of user funds and contain the damage while the team investigated the breach's full mechanics. The pause effectively froze the protocol's operations, leaving user positions in a suspended state pending a recovery plan. No further details regarding the specific ownership structure of Era Lend, its parent or subsidiary relationships, its precise scale in terms of total value locked prior to the hack, or its regulatory standing are provided in the source material. The profile of the organization is therefore largely defined by its function as a zkSync-based lending protocol and the substantial security incident that led to the suspension of its services.