Technology and Industry

Vitalik Buterin, Ethereum’s chief scientist and co-founder, highlighted at a conference in Paris that the network’s transition to Proof-of-Stake from Proof-of-Work will be “complicated.” He also indicated that “the Ethereum protocol today is undergoing a long and complicated transition toward becoming a much more robust and powerful system”. He estimated that after The Merge, Ethereum will have completed approximately 55% of its roadmap. [more]

Cardano blockchain planned network upgrade - Vasil - has been pushed back by a few more weeks. Vasil, an upgrade designed to increase Cardano's scaling capabilities, had been scheduled for a June release on a test network followed by its introduction on the mainnet, or live system. [more]

Stablecoin issuer Tether, along with sister company crypto exchange Bitfinex and peer-to-peer (P2P) infrastructure platform Hypercore have launched Holepunch, a P2P platform intended to allow developers to build Web3 applications. [more]

• Holepunch is a fully encrypted protocol that is designed to "unlock global communications, empower freedom of speech and combat censorship around the world," according to a company statement.

• Video-calling app Keet, the first app built on Holepunch, will integrate built-in payments powered by Bitcoin's Lightning Network.

Open Metaverse Alliance for Web3 (OMA3) has been launched collaboratively by several prominent blockchain-based companies and big metaverse platforms. These companies include ‘The Sandbox’, ‘Decentraland’, ‘Animoca Brands’ and ‘Upland’. The goal of the organisation is to steer the evolution of the metaverse in a direction that aligns with some of the core principles of Web3. [more]

San-Francisco-based Unstoppable Domains which connects Web2 to Web3 through blockchain domains has reached a $1 billion valuation after it closed a $65 million Series A funding round led by Pantera Capital. [more]

The City of Miami has announced a Web3 initiative backed by TIME, Mastercard and Salesforce to engage the community and drive additional revenue to local businesses. [more]

• Miami aims to create a collection of 5,000 NFTs designed by 56 local artists. The number 56 represents the city’s 56 square mile area. 

Cryptocurrency exchange FTX indicated that it was fully approved to operate its exchange and clearing house in Dubai, as the Gulf emirate pushes forward with plans to develop its digital asset sector. [more]

• It will start offering regulated crypto derivatives products and trading services to institutional investors in Dubai as well as operate a nonfungible token marketplace and provide custodial services.

Crypto exchange Zipmex filed applications in Singapore seeking bankruptcy protection amid the threat of legal action from creditors. [more]

Policy and Regulatory

United States -

• The state of California has overturned a near four-year ban against political crypto donations. However, crypto contributions will need to be verified via a name, address and other revealing details. [more]

• The digital asset bill that would detail stablecoin regulation in the US has reportedly been delayed until at least September, but lawmakers might issue a draft of the bill soon. [more]

• The United States House of Representatives passed the Chips and Science Act to provide grants and incentives to the semiconductor industry and encourages research. It also creates a blockchain and cryptocurrency specialist position in the White House Office of Science and Technology Policy (OSTP). [more]

• Senator Sherrod Brown, chair of the Senate Banking Committee, has penned letters to the CEOs of Google’s parent company Alphabet and Apple calling for the tech firms to provide information on the ways they prevent certain apps from promoting crypto scams. [more]

United Kingdom - Rishi Sunak and Liz Truss are competing to be the next leader of the Conservative Party and the country’s Prime Minister role. They had displayed pro-crypto sentiments. [more]

• Under PM Johnson, Sunak requested that the country’s Royal Mint create a nonfungible token as part of an effort to make the United Kingdom a global crypto hub.

• Truss, who has been the Secretary of State for Foreign, Commonwealth and Development Affairs since 2021 and Minister for Women and Equalities since 2019, serving under three prime ministers, called for an anti-regulatory approach to crypto in 2018 in an effort for the U.K. to embrace the technology. In her role as Secretary of State for International Trade, the MP launched a digital trade network in 2020 whose measures included promoting fintech firms that “enable[d] digitisation and resilience in priority export markets.”

Europe - The chair of the European Banking Authority, or EBA, a European Union agency that regulates banking activities, has reportedly expressed concern that a dearth of talent experienced in the crypto space could hurt its ability to oversee the market. [more]

South Korea - Do Kwon, founder of the TerraUSD and Luna cryptocurrencies, along with his associates, are faced with escalating scrutiny from the country prosecutors over their travel in and out of the country. They have requested a “notification upon arrival” for Do Kwon, who is believed to be in Singapore. [more]

Bank for International Settlements - BIS Committee on Payments and Market Infrastructures (CPMI) opened a consultation on increasing the adoption of payment versus payment (PvP) in foreign exchange (FX) transactions. In other words, ensuring that both currencies are exchanged simultaneously to reduce risk. In the DLT world, it’s referred to as atomic settlement. [more][more-BIS]

Security and Risk

28 Jul - Solana-based Nirvana Finance lost $3.5 million through flash loan attack. The price of its stablecoin NIRV and native token ANA suffered a 85% fall. [more][more-Nirvana][more-analysis]

• Nirvana confirmed that the protocol was “maliciously hacked and reserve funds are stolen. NIRV and ANA have lost their collateral, and do not have secured market value.”

• The Nirvana team is now offering the hacker a whitehat bounty of $300,000 and a “cessation” of the investigation into their identity

• The attack:

• The attacker borrowed $10M USDC from the Solend Main Pool Vault which was used to exploit $3.49M USDT from the Nirvana Finance Treasury.

• The attacker minted $10M+ worth of $ANA using the funds borrowed from Solend

• The attacker swapped $ANA for $USDT and received $3.5M from Nirvana Treasury.

• $10M USDC was returned to Solend Pool

23 Jul - Web3 music streaming service platform Audius’ community treasury was compromised and lost 18.5 million AUDIO Tokens due to contract vulnerability. [more-Audius][more]

• The Audius governance, staking, and delegation contracts on Ethereum mainnet were compromised due to a bug in the contract initialization code that allowed repeated invocations of the initialize functions.

• The bug allowed an attacker to maliciously transfer 18 million $AUDIO tokens held by the Audius governance contract (referred to as the “community treasury”) to a wallet of their control and modify dynamics of the voting system to illicitly change their staked $AUDIO amounts in the network.

• After the attacker drained out 18 million tokens worth nearly $6 million from the treasury, they were dumped and sold for $1.08 million resulted in max slippage.

• The set of contracts were audited by the OpenZeppelin team [report] August 25, 2020 prior to deployment and some additional changes separate from the affected vulnerable code were audited by Kudelski on October 27, 2021 [report], but unfortunately this vulnerability was not caught in either case.

26 Jul - Chia Network, the energy-efficient blockchain and smart transaction platform, will replace its 7-month-old chia asset tokens (CATs) with a new token to address a security vulnerability that it uncovered after an outside auditor detected potential weaknesses with the token’s standard. [more] [more-chia]

• The platform shared that the vulnerability offered a bad actor to take a CAT1 in their possession and print/inflate any arbitrary amount of coins, effectively flooding and devaluing the underlying asset. In non-technical terms, the vulnerability enables anyone to create a money printing machine to print as many counterfeit copies of the CAT as they want.

Developers of Harmony proposed issuing ONE tokens to cover losses from the hack of its Horizon bridge product in June. [more]