Cryptospace Spotlight 2022 #15 (10 Apr 2022)
Bitcoin layer-2 lightning network usage is expanding, US wants to understand the impact of BTC legal tender usage by other countries, and WonderHero hacked for over $300K!
Technology and Industry
Lightning Labs, a startup building payments infrastructure on the Bitcoin network, is creating a new protocol, Taro, that will allow users to send cross-border payments faster and for lower fees, the company announced Tuesday. [more]
Taro, which will be supported by the layer-2 protocol Lightning, aims to combine the security and stability of the Bitcoin network with the speed and scalability of Lightning network.
Lightning Network based wallet Strike’s CEO announces that it is partnering the payments platform is teaming up with point of sale giants such as Shopify, NCR and Blackhawk Network to allow Bitcoin payments. [more]
Blockstream and Block to mine Bitcoin powered by Tesla’s solar and battery technology in Texas. The project aims to show that bitcoin mining using 100% renewable energy can be done at scale, says Blockstream CEO Adam Back. [more]
An algorithmic stablecoin, USDN, of the Waves blockchain ecosystem, is supposed to be worth $1, but as of Monday (4 Apr), it traded for just 81 cents. At the same time, the WAVES token lost over 30% or $1.8 billion in value. [more] [more-2]
USDN lost its desired $1 peg last Friday after a scathing post by the pseudonymous crypto investor 0xHamZ began making rounds on Twitter. 0xHamZ called WAVES, the native token of the Waves network, the “biggest ponzi in crypto,” and claimed that the project’s founders had been artificially pumping the token’s value using leverage.
Public blockchain Terra, which captured the attention of the cryptocurrency world by pledging to buy $10 billion in Bitcoin to build a reserve for its UST algorithmic stablecoin, is diversifying that strategy. Luna Foundation Guard, a Singapore-based nonprofit organization built to support Terra, will acquire Avalanche tokens worth $100 million from the Avalanche Foundation to boost the stablecoin reserve. [more]
HSBC starts metaverse fund for private banking clients in Asia. [more]
The U.S. Securities and Exchange Commission has allowed NYSE Arca and Teucrium to issue a bitcoin futures exchange-traded fund. [more]
Regulatory
Singapore - The Parliament of Singapore passed new measures that require domestically registered companies operating abroad to obtain a license. [more]
Indonesia - Indonesia will begin taxing crypto transactions by May 1, charging 0.1% on both VAT and income tax. [more]
United States - Two members of the House of Representatives have introduced legislation aimed at mitigating the risks to the United States financial system due to El Salvador adopting Bitcoin as legal currency [more]
The bill aims to have the Secretary of State as well as federal department and agency heads report to Congress within 60 days on a plan to "mitigate any potential risk to the United States financial system posed by the adoption of a cryptocurrency as legal tender" in El Salvador and other countries that accept the U.S. dollar.
United Kingdom - The UK plans on being a leader in stablecoin regulation and intends to prioritize regulating stablecoins that are used as means of payment [more]. In another effort to become a leader in digital asset technology, the UK Treasury has asked the Royal Mint, the agency responsible for creating British currency, to mint an NFT [more].
European Union - EU member states agreed to ban the provision of high-value crypto-asset services to Russia. The move follows warnings that crypto is being used to circumvent sanctions imposed in response to the invasion of Ukraine. [more]
Germany - Germany’s Central Office for Combating Cybercrime (ZIT) and the Federal Criminal Police Office (BKA) announced the take-down of the Russian-language darknet market Hydra. They confiscated 543 BTC (est. $25M) as they "secured" the site's servers. Elliptic’s analysis shows that the platform – which was the largest such market operating on the dark web – has facilitated over $5 billion in Bitcoin transactions since beginning operations in December 2015. [more]
Security
On 7 April, WonderHero blockchain game announced a hack that occurred on WonderHero’s BNB Chain Bridge. The signature was stolen and minted 80M $WND on BNB Chain and traded them via PancakeSwap for 750 BNB ($321,000), resulting in the price drop of $WND. [more][more-wonderhero-media][more-security-analytics]
Security firm assessed that WonderHero may have experienced a private key leak. It shared that “an unverified contract added their contract to the MINER_ROLE and then minted 80,000,000 $WND”.
On 4 April, Email marketing service Mailchimp revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage crypto phishing attacks. [more]
The acknowledgment comes as cryptocurrency wallet company Trezor on Sunday said it's investigating a potential security incident stemming from an opt-in newsletter hosted on Mailchimp after the actor repurposed the stolen data to send rogue emails claiming that the company had experienced a security incident.
These emails prompted Trezor customers to reset their hardware wallet PINs by downloading malicious software that allowed stealing the stored cryptocurrency.
Cosmos-based blockchain Juno went offline on Tuesday as the result of a suspected attack on the network. No user funds have been impacted. It was noted that the network crash stemmed from a malicious smart contract masked to look like a simple “hello world” program. [more]
The suspected attacker sent a string of over 400 transactions to the smart contract over the course of three days in a process of apparent trial and error – eventually landing on a specific combination of transactions that crashed the network.
Members of the Juno community are trying to figure out who would have been motivated to execute the attack for no obvious financial gain. Token holders are pointing fingers at potential culprits ranging from competitor blockchains to bagholders on the losing end of last month’s governance vote.
Update on Inverse Finance hack - according to blockchain security firm PeckShield, the Inverse attacker took advantage of a vulnerability in a Keep3r price oracle Inverse uses to track token prices. The attacker tricked the oracle into thinking that the price of Inverse’s INV token was extraordinarily high, and then took out multimillion-dollar loans on Anchor using the inflated INV as collateral. [more][more-security-analysis]
The attack was notably well-financed. The attacker injected 901 ETH (about $3 million) into several trading pairs on the decentralized exchange SushiSwap – inflating the price of INV in the eyes of the Keep3r price oracle.
Alexsander Larsen, chief operating officer of Sky Mavis, indicated that the company will take ‘full responsibility’ for $625M Ronin Hack. It has raised $150 million in funding led by crypto exchange Binance to help reimburse users who lost funds. [more] [more]
The new funds will be combined with cash from Sky Mavis’ balance sheet to reimburse all users who lost money in the attack on Ronin, an Ethereum-based sidechain supporting the game.
The company plans to reopen the Ronin bridge after a security upgrade and audits, which it says could take several weeks. In the meantime, Binance is providing liquidity for Ronin users by allowing them to withdraw and deposit ETH freely.
Coffee-chat
It will attract all - the good, the bad, the ugly. Scams and rug-pulls?
