The decentralized futures exchange, Cypher Protocol, which operates on Solana, has managed to freeze a staggering $600,000 worth of cryptocurrencies that were stolen during the aforementioned security breach. Notably, independent blockchain investigators played a pivotal role in this process.
Bridging the Cooperation Gap
In an enlightening post shared on Twitter on August 18th, Cypher Protocol divulged that over half of the pilfered funds have been successfully immobilized across various centralized exchanges. The collaboration between Cypher Protocol and these exchanges is crucial for the potential return of the funds. Also, law enforcement’s involvement and the issuance of seizure warrants will also be integral to this process.
The Initial Exploit, Response and Understanding the Vulnerabilities
The attack took place on August 7th, resulting in the pilfering of approximately $1 million. In response, Cypher Protocol swiftly put its smart contracts on hold, initiating a lockdown of the protocol.
However, Cypher Protocol faced vulnerabilities that led to the security breach. These vulnerabilities prevented the proper tracking of isolated sub-accounts and inadequate margin checks before borrowing. Halborn, a prominent blockchain security firm, further delved into these shortcomings.
The attacker masterfully exploited these vulnerabilities within the code, using multiple accounts to drain an estimated $1 million in a variety of crypto assets. The assets included USDT, SOL, wETH, and several other altcoins.
A White Hat Bounty and Pursuit of the Hacker
Notably, efforts to engage the hacker bore fruit on August 10th when Cypher Protocol made contact with the perpetrator. An enticing 10% white hat bounty, equivalent to around $120,000, was offered. However, the hacker missed the stipulated deadline to return the funds.
Subsequently, the bounty was extended to the public, revealing that the Cypher Protocol team had garnered partial knowledge of the exploiter’s identity.
The Road to Redemption
On August 16th, Cypher Protocol unveiled a comprehensive redemption plan and a “socialized losses policy.” This approach aims to distribute the remaining assets to those affected by the breach. The distribution will be pro rata based on user share. Assets held by the protocol will form a part of the redemption package.
Further, the value assigned for redemption pertaining to a margin account will be grounded in a snapshot of the account’s assets at the time of Cypher Protocol’s freezing. The estimated value stands at around 31 cents on the dollar.
Cypher Protocol expressed gratitude to blockchain sleuth ZachXBT, who played an invaluable role in the initial freezing of funds across multiple CEXs. This collaboration was instrumental in tracking the attacker.
Comparison to Other Exploits
Among the exploits witnessed in August, the Cypher exploit, though significant, did not take the top spot. Zunami, a DeFi protocol, experienced a $2.1 million flash loan attack on August 13th, and Steadefi, a leveraged yield aggregation platform, was exploited for $1.1 million on August 7th.
Read More:
SpaceX’s Bitcoin Sale: $373 Million Write-down Revealed in Financial Reports
Checkout.com Cuts Ties with Binance Due to Concerns Regarding Money Laundering