Skip to timeline

Web3 is Going Just Great

...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.

Created by Molly White. Subscribe to her newsletter for weekly recaps.

Start from the top

0xSifu loses more than $2.7 million to SushiSwap hack

0xSifu, also known as Michael Patryn, also known as Omar Dahani, is the once-pseudonymous chief developer of the Wonderland protocol. His identity was discovered by zachxbt in January 2022, when the crypto sleuth revealed that "0xSifu" was Patryn, a man with a history of financial crimes who was previously involved with QuadrigaCX, an exchange which lost over $150 million in customer funds in 2018.

Today, Sifu himself was the victim of a theft as a bug in the SushiSwap decentralized exchange allowed a hacker to make off with around 1,800 ETH (more than $3.3 million) belonging to him. According to SushiSwap leader Jared Grey, around 300 ETH (~$557,000) of Sifu's funds were subsequently recovered.

Analysts have found that almost 200 addresses on the Ethereum network have approved the vulnerable contract, and around 2,000 addresses approved the vulnerable contract on Arbitrum, Polygon, and other chains. It's not yet clear how much was stolen in total. SushiSwap leader Grey urged users via Twitter to revoke approval for the vulnerable smart contract.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Avalanche, BNB Chain, Ethereum, Polygon
Tech tags: DeFi

Bitcoin mining firm sues business partner after they allegedly lose $500,000 in Bitcoin to fraudster

Bitcoin mining firm Sphere 3D has filed a biting lawsuit against its partner, Gryphon Digital Mining. According to Sphere 3D, Gryphon's CEO was fooled by multiple spoofing attacks in which fraudsters pretending to be Sphere 3D executives instructed him to transfer 26 Bitcoin (~$500,000). Sphere 3D further alleges that "Gryphon panicked when Sphere suggested that the incident be reported to law enforcement, including the Federal Bureau of Investigations ('FBI'), insisted that the issue could be handled between the parties, and demanded that no one report the theft to the authorities."

The lawsuit also alleges that Gryphon has " dutifully collected its exorbitant Management Fee while shirking its duties under the MSA and delivering abhorrent management services" and "skimm[ed] off the top (i.e., st[ole]) from Sphere's assets".

Theme tags: Hack or scam, Law
Blockchain tags: Blockchain: Bitcoin

dYdX exchange announces it will shut down Canadian operations

dYdX announced that it would be shutting down its decentralized derivatives exchange in Canada. They gestured toward regulatory issues in the post, writing that, "We hope that the regulatory climate in Canada will change over time to allow us to resume services in the country."

Canada has become more strict on cryptocurrency exchanges in recent months, particularly following the collapse of FTX.

Theme tags: Hmm, Law

Someone steals the Bored Ape belonging to former NFL star Dez Bryant

An illustrated ape with leopard print fur, wearing a crown, shades, and a sailor suit. It has its mouth wide in a grimace and is on a bright orange background.Bored Ape #2902 (attribution)
The latest ape escape has affected Dez Bryant, a former NFL player now turned "web3 innovator". Bryant was the proud owner of Bored Ape #2902, an ape with leopard print skin wearing shades, a sailor shirt, and a crown. However, on April 7, Bryant was apparently hacked, and the thief stole not only his ape but Moonbirds, World of Women, and RumbleKongLeague NFTs (one each) and some various cryptocurrencies.

The Bored Ape would likely fetch somewhere around $125,000 if resold. The other three NFTs would likely resell for somewhere around $8,700. Together with around $3,400 in stolen tokens, Bryant's total loss is around $139,000.

After some observers spotted the suspicious-looking transactions, Bryant confirmed on Twitter: "Yes my ape was stolen and I don't know how this is crazy".

Theme tags: Hack or scam
Blockchain tags: Blockchain: Ethereum
Tech tags: NFT

Gemholic raises 921 ETH (~$1.7 million) in a token sale only to realize funds are stuck

The Gemholic project raised 921 ETH (~$1.7 million) in a token sale only to discover there was no way for them to transfer those funds out of the smart contract. The project is built on the zkSync layer 2, and the smart contract developers implemented their transfer function using .transfer() — a common function used with Ethereum projects that is not supported by zkSync.

The zkSync project evidently came to the rescue of Gemholic, announcing that they would change the protocol in a new release to add support for Solidity functions such as .transfer(), which will ultimately free Gemoholic's locked funds.

Theme tags: Bummer
Blockchain tags: Blockchain: Ethereum
Tech tags: DeFi

Binance closes its derivatives arm in Australia

Binance announced it would be closing its derivatives business in Australia "following recent engagement with ASIC", referring to the Australian Securities and Investments Commission. The subsequent day, Reuters reported that ASIC had withdrawn Binance's financial services license at Binance's request, related to an ongoing investigation into Binance. The investigation has been underway since at least February, and involves misclassification of some Binance retail customers as wholesale users. Though Binance has forfeited its license, the investigation is ongoing.

Binance will continue to operate its spot exchange product in Australia, but customers will no longer be able to trade derivatives on the platform after April 21.

Theme tags: Hmm, Law

Someone accidentally spends 100 ETH (~$190,000) on a free NFT

A pink, orange, and yellow 3D gem with the OpenSea logo on the top facetOpenSea Gemesis NFT (attribution)
OpenSea launched a collection of "Gemesis" NFTs to celebrate the launch of their Pro platform and their acquisition of Gem, a rival NFT platform. Anyone who bought NFTs from the Gem platform was eligible to mint the NFT for free. The NFTs have been trading on the secondary market for around 0.06 ETH (~$110).

A trader apparently trying to bid $100 for one of the NFTs seems to have mistakenly entered 100 ETH, or around $190,000. The trade was of course quickly accepted by a seller who made a tidy 1666x the typical floor price.

Some have speculated the massive offer was money laundering, but the fact that the bid was an open offer that could be accepted by anyone seems to make that theory less likely.

Theme tags: Bummer
Blockchain tags: Blockchain: Ethereum
Tech tags: NFT

Sentiment protocol hacked for almost $1 million

The Sentiment liquidity protocol on the Arbitrum blockchain was attacked on April 4 for almost $1 million in various tokens, including wrapped Bitcoin and Ether, and several different stablecoins.

The attacker apparently took advantage of a re-entrancy vulnerability to execute the theft, then swapped the tokens and bridged them to the Ethereum main chain.

Sentiment tweeted that they were aware of the attack and investigating what had happened. They also stated that they were working with law enforcement. Later that evening, they sent a message to the hacker, offering to let them keep 10% of the stolen funds as a bounty if they returned the rest. Sentiment was audited by two crypto security firms.

On April 6, Sentiment announced that the exploiter had returned 90% of the funds, keeping $95,000 and receiving a promise from the organization that they would not try to prosecute the theft.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Ethereum
Tech tags: lending

Paxful abruptly shuts down

Paxful, a peer-to-peer marketplace where people could trade Bitcoin, Tether (USDT), and USDC, suddenly announced on April 4 that they would be immediately suspending the marketplace. "We are not sure if it will come back," wrote CEO Ray Youssef.

Youssef was vague as to the reasons for the closure, writing that "While I cannot share the full story now, I can say that we unfortunately have had some key staff departures. Also, regulatory challenges for the industry continue to grow, especially in the peer-to-peer market and most heavily in the U.S."

Youssef later elaborated in a Twitter Space, explaining that he feared for the safety of user funds because of a lawsuit from his co-founder, who he also accused of "[driving] away all of our senior level staff".

Some had trouble withdrawing funds from the platform, though this seemed to be due to the overload. Youssef tweeted, "Paxful database is a bit overloaded now as everyone is withdrawing funds. It is making transfers slow. I promise funds r safe and they will clear soon".

On May 8, Paxful came back online, though it was unclear whether or in what capacity the business would continue to operate going forward.

Theme tags: Collapse
Blockchain tags: Blockchain: Bitcoin

Rumor tweet by crypto influencer causes BNB and Bitcoin sell-off

Crypto influencer Cobie made a wild guess on April 3 that an Interpol red notice might be issued for Changpeng "CZ" Zhao, the CEO of Binance. Binance has recently been hit with a civil complaint out of the US CFTC, whose contents are causing many to reasonably speculate that CZ might face criminal charges from the US in the near future.

Cobie decided he wanted to make a record of his prediction, so he tweeted the SHA-256 hash of the string "Interpol Red Notice for CZ". Typically, this would allow him to later reveal the seed, allowing him to prove after the fact that he had indeed made a correct prediction. Why? I don't know. Bragging rights I guess?

Anyway, according to Cobie, one of Cobie's inner circle leaked the seed, and the contents of Cobie's prediction were widely circulated on Twitter. Some thought the prediction was inside knowledge of events that had already transpired. Someone else began circulating a doctored screenshot of the Interpol website, purporting to show a red notice. People began offloading their BNB tokens (the native token for Binance and Binance's blockchain), causing a sudden 3% dip in the token price. Bitcoin also fell on the news.

Theme tags: Hmm
Blockchain tags: Blockchain: BNB Chain, Bitcoin

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.