Cryptospace Spotlight 2022 #24 (12 Jun 2022)
US digital bill introduced with many crypto tokens regulated under CFTC, 20M Optimism Token drained, and $6M bounty earned after discovering critical flaw in Aurora!
Technology and Industry
Ethereum’s Merge - Ethereum successfully completed Ropsten testnet merge [more]
Jack Dorsey aims to build ‘Web5’ powered by Bitcoin, bypass Web3 entirely, and focus on a new Bitcoin-centric model for identity management. [more]
MasterCard is collaborating with central NFT marketplaces to make NFT payments easier. NFT markets are partnering with the company as part of the strategy to increase its web3 presence. The ability to buy NFTs directly through a credit card rather than first acquiring crypto should also be made available to more people. [more]
NFT platform Candy Digital has partnered with video streaming company Netflix to celebrate the release of the fourth season of the Stranger Things series through digital collectibles. Launched last Friday, this is Candy’s first NFT collection outside of sports. [more]
Crypto Exchange
A spokesperson for Crypto.com said that the company recently made the “difficult decision” to carry out “targeted reductions” totaling 260 staffers, or 5% of its workforce. [more]
Changpeng Zhao, the CEO of Binance, shared plans to acquire two licenses that are critical for the firm's operations within the Philippines. [more]
Binance is under SEC investigation over its 2017 ICO listing and is also alleged to have facilitated $2.35 billion in illicit funds between 2017 and 2020. [more]
Regulatory
United States -
A US digital asset bill was introduced, setting the stage for conversations centered around the likes of stablecoin regulation and taxation — as well as what regulator should oversee cryptocurrency. [more]
The language defines many crypto tokens as “ancillary assets,” or an “intangible, fungible asset that is offered, sold, or otherwise provided to a person in connection with the purchase and sale of a security through an arrangement or scheme that constitutes an investment contract.” Such assets would fall under the Commodity Futures Trading Commission’s (CFTC) jurisdiction, as opposed to the SEC, unless ruled otherwise by a court.
New York’s financial services regulator has issued new guidance on stablecoins, laying out its expectations from issuers operating in the state. [more]
Stablecoins are to be fully backed by a reserve of assets equal to the face value of each stablecoin unit while remaining ready for redemption for US dollars at all times.
Terraform Labs and Do Kwon are ordered to comply with SEC subpoena. [more]
A US federal judge has ordered Kwon to comply with an earlier SEC subpoena that he sought to avoid. The SEC began investigating a Terraform Labs project, Mirror Protocol, last year and served Kwon a subpoena at a New York conference on Sept. 20, 2021, court filings show.
Do Kwon, who now lives in Singapore, had argued the SEC has no jurisdiction over him.
United Kingdom - The finance ministry said that Britain will begin live testing of crypto blockchain technology for traditional market activities such as trading and settlement of stocks and bonds next year as part of a drive to become a global "crypto hub". [more]
Hong Kong - A Hong Kong Securities and Futures Commission statement published on Monday defines which NFTs fall under its mandate, while advising investors to be mindful of regulated securities. [more]
Lithuania - Lithuania aims to tighten crypto regulation and ban anonymous accounts. [more]
The new regulations would tighten up demands for exchange operators — from Jan. 1, 2023, they will be obliged to register as a corporate body with nominal capital amounting to no less than 125,000 euros.
Security and Risk
9 Jun - 20 million Optimism Token (OP) (~$15M) were drained after market maker Wintermute provided a wrong wallet address to the Optimism Foundation. [more][more-OP-media][more-2]
The Optimism Foundation had sent the 20M OP to a wallet controlled by Wintermute, a market maker tapped to provide liquidity during the launch of the OP token. The tokens ended up in an inaccessible wallet, and the attacker was able to drain them before Wintermute could move them to another wallet.
Wintermute accepted blame for the exploit and pledged to buy an equivalent amount of OP tokens whenever the attacker sells them.
The attacker returned 17M tokens, sent 1M tokens to Ethereum founder Vitalik Buterin and kept 2M tokens as bounty. [more]
Optimism is a layer 2 rollup chain for Ethereum – a separate blockchain that can process transactions, bundle them up and pass them back down to Ethereum. It helps to scale Ethereum’s “layer 1” network through quick transactions and lower fees.
8 Jun - The Osmosis DEX has been halted for emergency maintenance as developers investigate the extent of a liquidity pool exploit. [more][more-Osmosis]
An exploitable bug came to light when a user deposited funds to a liquidity pool and instantly withdrew them. The value of the withdrawal was unintentionally 50% higher than the deposit.
Osmosis explained that “The bug itself was simple, and involved incorrect calculation of LP shares when adding and removing liquidity from pools. It should have been caught. It was painfully overlooked in internal testing that was focused on more advanced functionality related to the upgrade.”
The estimated loss due to the bug is $5M.
8 Jun - DeFi platform GYM Network was exploited, with a loss of $2.1M (~7.5K BNB). [more]
The bug is due to the lack of caller verification, which is exploited to increase the balance without making any payment. The stolen funds are now deposited via TornadoCash.
7 Jun - Ethereum bridging and scaling solution, Aurora, pays $6M bug bounty to ethical security hacker through Immunefi [more]
Over $200 million worth of users' funds could have been at risk if the whitehat had chosen to exploit the vulnerability for personal gain instead of reporting it to developers.
The identified critical flaw in the Aurora Engine would have enabled the infinite minting of ETH in the Aurora Ethereum Virtual Machine to drain and siphon the corresponding nested ETH (nETH) pool on NEAR. At the time of discovery, the pool contained more than 70,000 ETH, worth at least $200 million.
7 Jun - DeFi platform Equalizer Finance vaults have been exploited due to incompatible contracts. [more][more-2]
Equalizer Finance suffered a flash loan attack. The main reason for this attack is that the FlashLoanProvider contract of the Equalizer Finance protocol is not compatible with the Vault contract.
BAYC smart contract function allows unlimited minting of new Apes by single wallet. [more]
NFT Developer foobar has called attention to a Bored Ape Yacht Club smart contract function that would allow a single, non-multi-sig, wallet to mint an unlimited number of new Apes.
The issue has been brought up before, but BAYC has yet to take action.
Equalizer Finance exploit
Equalizer Finance has a FlashLoanProvider contract and a Vault contract. The FlashLoanProvider contract provides the flash loan service: users borrow funds from the Vault contract through the FlashLoanProvider contract by calling the flashLoan function, and the funds in the Vault contract come from liquidity provided by users.
Users can provide or remove liquidity through the provideLiquidity and removeLiquidity functions of the Vault contract. Both the vouchers minted when liquidity is provided and the funds paid out when liquidity is removed depend on the ratio of the liquidity balance in the Vault contract to the total supply of liquidity vouchers.
Taking the WBNB Vault as an example, the attacker first borrows WBNB through a PancakeSwap flash loan.
The attacker then takes a second WBNB flash loan through the FlashLoanProvider contract. FlashLoanProvider first transfers the WBNB liquidity in the WBNB Vault contract to the attacker and then performs the flash loan callback.
In the callback of the second flash loan, the attacker provides liquidity to the WBNB Vault. Because the Vault's liquidity has been lent to the attacker at this point, the liquidity balance is lower than expected, so the attacker obtains more liquidity vouchers than expected.
The attacker then repays the second flash loan and removes the liquidity from the WBNB Vault. Because the liquidity in the WBNB Vault has returned to normal by then, redeeming those vouchers withdraws more liquidity than expected.
The attacker attacked the Vault contract on each chain in this way, exhausting the liquidity of Equalizer Finance. The main reason for the attack was that the FlashLoanProvider contract of the Equalizer Finance protocol was incompatible with the Vault contract. The SlowMist security team recommends that the protocol take into account the compatibility between modules when implementing it.
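The accounting mismatch described above can be reproduced in a small model and used as a regression check. This is an added example, not Equalizer Finance's code: the class, the `count_outstanding_loans` switch, the amounts and the omission of the loan fee are all assumptions, and counting lent-out principal as vault assets is one possible correction rather than the project's actual fix.

```python
class Vault:
    """Toy model of pro-rata share accounting; names and numbers are assumed."""

    def __init__(self, count_outstanding_loans):
        self.cash = 0            # tokens the vault holds right now
        self.on_loan = 0         # tokens lent out by a flash loan not yet repaid
        self.total_shares = 0
        self.shares = {}
        self.count_outstanding_loans = count_outstanding_loans

    def assets(self):
        # Weak form: only the current balance. Hardened form: balance plus
        # principal that is owed back before the transaction ends.
        return self.cash + (self.on_loan if self.count_outstanding_loans else 0)

    def provide_liquidity(self, who, amount):
        if self.total_shares == 0:
            minted = amount
        else:
            minted = amount * self.total_shares // self.assets()
        self.cash += amount
        self.total_shares += minted
        self.shares[who] = self.shares.get(who, 0) + minted
        return minted

    def remove_liquidity(self, who, shares):
        paid = shares * self.assets() // self.total_shares
        self.shares[who] -= shares
        self.total_shares -= shares
        self.cash -= paid
        return paid

    def flash_loan(self, amount, callback):
        self.cash -= amount
        self.on_loan += amount
        callback()               # borrower's code runs while funds are out
        self.cash += amount      # repayment (fee omitted in this model)
        self.on_loan -= amount


def deposit_during_loan(count_outstanding_loans):
    """Return (depositor's gain, first provider's remaining claim)."""
    vault = Vault(count_outstanding_loans)
    vault.provide_liquidity("lp", 1000)
    minted = []
    vault.flash_loan(900, lambda: minted.append(vault.provide_liquidity("borrower", 100)))
    paid = vault.remove_liquidity("borrower", minted[0])
    return paid - 100, vault.shares["lp"] * vault.assets() // vault.total_shares
```

With the balance-only calculation, a deposit made while 900 of the 1000 tokens are out on loan is priced against 100 tokens, so the depositor's gain comes directly out of the first provider's claim; with lent principal counted, the same sequence nets zero.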