Security and Risk

28 Oct - FriesDAO vanity address flaw

FriesDAO lost $2.3 million in FRIES tokens after attacker compromised its wallet due to Profanity’s wallet/private key generation weakness. [more][more-FriesDAO]

• FriesDAO (Franchises & Restaurants Integrated Efficiently & Systematically) is an Ethereum-based DAO attempting to acquire fast food restaurants.

• FriesDAO indicated that they remains open to negiotate with the attacker to establish a bounty payment.

27 Oct - Team Finance smart contract exploitation

DeFi platform, Team Finance, suffered a $14.5 million loss due to its smart contract flaw in migration function. [more] [more-2][more-analysis][more-teamfinance]

• Team Finance has paused all activities in the wake of the exploit as they investigate. They highlighted that the affected contract was audited prior deployment.

• Team Finance has urged the attacker to get in contact for a bounty payment, as well as blacklist the attacker’s blockchain address.

24 Oct - DEX QuickSwap price manipulation

Decentralized exchange QuickSwap said that it will close its lending pool after Market XYZ was exploited in a flash loan attack. [more]

23 Oct - Layer2DAO multisig hacked

Layer2DAO, an Ethereum Layer2 platform, multisig wallet on Optimism was compromised and 49,950,000 L2DAO tokens were drained. [more]

• The attacker dumped some of the stolen tokens but Layer2DAO were able to negotiate and repurchase the remaining 31,239,677 tokens with their treasury.

Other Crypto Picks

1. Bloomberg published a 40,000 words “Crypto Story” by Matt Levine - covering the what and why of crypto. [more]

   • In case you need a quicker read, the key highlights are available as well. [more]

2. Singapore -

   • The Monetary Authority of Singapore (MAS), the nation’s central bank, is seeking public feedback on proposed measures to ramp up crypto and stablecoin policy in the wake of Terra’s spectacular collapse. [more]

   • Terra co-founder Do Kwon faces $57-million lawsuit in Singapore. [more]

3. United States -

   1. The Commodity Futures Trading Commission (CFTC) commissioner warnes that vulnerabilities seen within the crypto markets are similar to those seen during the global financial crisis and calls for the agency to be given additional authority. [more]

   2. The Office of the Comptroller of the Currency (OCC) said it will will establish an Office of Financial Technology early next year to bolster the agency’s expertise and ability to adapt to a rapidly changing banking landscape. The new function will help to deepen its understanding of fintech and promote responsible innovation. [more]

4. United Kingdom -

   • UK Prime Minister is seen to be pro-crypto. Rishi Sunak has previously spearheaded plans to make the UK a global hub for crypto. Under former PM Boris Johnson, he has spearheaded plans to make the UK a hub for cryptoasset technology and investments and advocated for stablecoins’ recognition as a form of payment. [more]

   • UK lawmakers have voted in favor of a crypto-related amendment to the Financial Services and Markets Bill, but it could take a while until the proposed rules are enacted.

5. Crypto exchanges

   • Binance has put half a billion US dollars towards Elon Musk’s Twitter takeover. [more]

   • ICrypto.com’s normalized exchange volume has dropped by 91%, from $4 billion to $380 million per day, using a 7-day average, according to CoinGecko. [more]

6. Major DAOs are moving to adopt legal structures as regulators ask tough questions about their legal liability. [more]

   • Crypto trading platform SushiSwap just announced a new three-part legal structure for its DAO and developer team. Earlier this week, Gnosis’ SafeDAO passed a Snapshot proposal that “limits the liability of SafeDAO participants” in case the DAO gets in legal trouble. Uniswap launched a foundation back in August that provides a clearer view of who is behind the DAO. 

7. Filecoin launches Web3 data-storage solution for carbon offsets. [more]

8. Climate Action Data Trust (CAD Trust) is a new initiative that uses blockchain to create a decentralized log of carbon credits to store data from multiple major carbon registries. It plans to launch and share details in December. [more]

   • Climate Action Data Trust is a Singapore-based independent initiative associated with the Climate Warehouse End-to-End Digital Ecosystem operated by the World Bank.

9. Ethereum’s Layer 2 rollups reduce costs, but the risks are underappreciated. [more]

10. Visa filed two trademark applications to the United States Patent and Trademark Office (USPTO) related to digital wallets, non-fungible tokens and the metaverse. [more]

11. Google plans to launch a cloud-based node engine service for Ethereum developers and projects. It will be a “fully managed service” and Google will “actively monitors the nodes and restarts them if anything goes wrong.” [more]