OptiFi has promised to return user deposits and settle all positions. In a post-mortem, they wrote that they had learned that "Every deployment needs a rigorous process and single point failure can be avoided. Please don't rush like what we did, especially for defi projects". They further outlined a "peer-surveillance approach" in which three people would be required to deploy any changes together. They also asked the Solana team to implement a two-step confirmation for such a potentially destructive command.
OptiFi developer accidentally closes the project contract, irretrievably locking $661,000
OptiFi, a derivatives defi project, accidentally and permanently shut down the project smart contract, irretrievably locking up $661,000 — the project's entire fund. A developer had been trying to push an update to the project, and ran into issues related to Solana network congestion (a recurring issue). While trying to clean up from a partially-executed transaction, the developer accidentally ran a command that closed the project's primary smart contract.
Whistleblower website alleges that the creators of the Avalanche blockchain paid lawyers to attack competitors
An anonymous whistleblower website called "CryptoLeaks" has alleged that Ava Labs, the company behind the Avalanche blockchain, paid lawyers to sue competitors and obtain confidential information through legal discovery. The site includes secretly recorded videos of Kyle Roche, a founding partner of the Roche Freedman law firm which has filed class action lawsuits against numerous companies including Solana, Binance, and others. In some of the surreptitiously recorded videos, Roche is visibly drunk.
"A pact was formed that involved Ava Labs granting Roche Freedman a massive quantity of Ava Labs stock and Avalanche cryptocurrency (AVAX), now worth hundreds of millions of dollars, in exchange for Roche Freedman agreeing to pursue a hidden purpose," the site claims.
The site does include video clips of Roche saying some surprising things, although the clips are very short and devoid of context. The whole thing should be taken with a grain of salt.
Ava Labs founder Emin Gün Sirer dismissed the claims on the site as "conspiracy theory nonsense". Roche published a statement about the " numerous unsourced false statements and illegally obtained, highly edited video clips that are not presented with accurate context", in which he said that his statements about filing class action suits at the behest of Ava Labs were "false, and were obtained through deceptive means, including a deliberate scheme to intoxicate, and then exploit me, using leading questions. The statements are highly edited and spliced out of context."
CEO of Ragnarok metaverse game admits to treasury mismanagement, including nearly $2 million in trading losses and exorbitant salaries
Ragnarok is a metaverse role-playing game that launched its character NFTs in April 2022. The project received $1.75 million in seed funding, plus another $17.5 million from NFT sales and royalties.
On August 26, CEO Fanfaron published a Substack post providing a breakdown of the project's finances, which he began by saying, "As a previous business owner, and because Ragnarok is a startup and not a DAO, our initial plan was never to operate our finances in public, which is why we have historically been closed and unwilling to share full accounting of our balance sheet." As the post went on, it became clear there might be other reasons they were reticent to publish it.
The post revealed that Fanfaron had lost $1.827 million buying ETH during the crypto downturn: "I made mistakes by buying ETH multiple times when I thought it was an advantageous investment for the project, but then to protect downside risk and with the plan to reinvest at a better time, I sold our position in ETH, multiple times.."
It also revealed that the project is paying its team members apparently enormous salaries: $5.4 million in team compensation, plus another $1.5 million spent to buy out a co-founder. "We're a scrappy startup," he wrote, after also acknowledging that he pays himself $50,000 a month ($600,000 a year) — a number he already reduced by $600,000 from his original salary of $1.2 million per year. He ultimately promised in the post to pay back his trading losses.
As for the game, well, it exists, which means it's already ahead of a lot of crypto games. They launched an alpha version of the game in late July after multiple delays, with Fanfaron explaining, "Our vision was to create something similar to WoW... we were, however, overeager and optimistic with regards to how much time it takes to create such a world." The alpha is a multiplayer pixel art world where characters can walk around and talk to each other, and interact with buildings. Battling, leveling, quests, missions, and breeding are apparently all yet to come.
- "From Fanfaron"
- "Ragnarok: The MetaRPG", This Week in Avalanche
Indian financial crimes authority searches the offices of CoinSwitch, the country's largest crypto company
Financial crime agents from India's Directorate of Enforcement searched the offices of CoinSwitch and the residences of some of its executives. CoinSwitch is the largest crypto company in India, and is backed by Andreessen Horowitz, Tiger Global, and Coinbase Ventures.
According to the CEO, there's nothing to worry about, the search had nothing to do with money laundering (that's specific), and the agency only executed the search to learn more about its business model and user onboarding. Seems like a pretty weird way to do that, but what do I know.
TechCrunch, however, reported that four people familiar with the investigation stated the investigation was to do with potential violations of foreign exchange laws, and that the agency suspects CoinSwitch acquired $200 million in shares in violation of forex laws.
eth.link service about to go offline because domain owner is in prison
Some people might be familiar with ENS, the "Ethereum Name Service", which seeks to be a web3 equivalent of DNS. If you've seen people with usernames ending in
.eth, that's an ENS address. The problem is that .eth is not a functional top-level domain, and so many services relied on eth.link to surface these DNS records to other services.However, the eth.link domain is only rented for a set period of time and needs to be renewed. ENS DAO tweeted that the domain's owner, Virgil Griffith, is "unavailable". By this, they mean that he is currently serving his first of five years in prison for helping North Korea evade sanctions. With Griffith "unavailable", the project has found itself at the mercy of GoDaddy. Welcome to the decentralized web3 we've all been promised!
Although GoDaddy previously allowed another person to renew the domain on Griffith's behalf, they reversed that decision, and now say they intend to allow the domain to expire on September 5.
The ENS DAO issued a series of tweets urging people to switch to a different service, given the risk that the domain could be snapped up. "If the name expires and is acquired by someone with ill intent, the damage they could do via phishing is substantial - so please update your links and alert your users of the issue immediately," they wrote.
The latest Pokémon-themed rug pull nets $708,000
It's not much compared to at least three separate crypto Pokémon ripoffs since February that have each taken millions, but apparently the love of Pokémon still drew people in to the tune of $708,000.
One might think the blatant rip-off of the Pokémon IP (which belongs to a notoriously litigious company) might have been a red flag, but nevertheless, people bought in to PokémonFi — a play-to-earn game that seems like a much worse version of the original thing.
The project and tokens first launched in April. After apparently running off with the money, the project deleted its Twitter account, though its website remained live.
Researcher zachxbt alleges that teenager who stole crypto worth $37 million in 2020 is responsible for a spate of crypto-related Twitter hacks
In 2020, a Canadian teenager used SIM swapping to steal US$37 million in Bitcoin and Bitcoin Cash from a single person. Canadian police announced his arrest in November 2021 after he tried to buy a rare gaming username, also writing that they had seized around $5 million of the stolen funds.
Now, crypto investigator zachxbt thinks the same individual is indirectly responsible for a slew of compromised Twitter accounts that have then been used to promote crypto scams, including those of Beeple, DeeKay, and others. According to zachxbt, he has been selling access to a Twitter admin panel, which allows employee-level access to Twitter tools. This might explain how many of the accounts were compromised despite being protected by multi-factor authentication. According to zachxbt, "It's still unclear as to how Redman gained access to the panel to make elevated requests & reset passwords. As of now it appears the method stopped working".
10% of Ethereum nodes at risk of being booted from cloud hosting provider
The virtual server provider Hetzner posted a clarification that using its service to mine Ethereum — either in its current form or in the promised proof-of-stake version — violates its terms of service and that the company has been "internally discussing how we can best address this issue".
16% of all hosting nodes (a category that makes up 62% of all nodes by network type) are hosted with Hetzner — 10% of all nodes. If 10% of all Ethereum nodes being supported by one company sounds awfully centralized to you, wait til you hear that 30% run on Amazon services.
SudoRare NFT exchange rug pulls for $820,000
Six hours after its launch, the team behind the new SudoRare NFT exchange took the money and ran, deleting the project website and social media. People had already warned about issues in the project contract that signaled it could be a scam, but those were either unseen or unheeded by the people who put a collective $820,000 of various tokens into the project.
At least one of the scammer wallets interacted with the Kraken crypto exchange, a U.S.-based exchange that requires KYC, so it's possible that Kraken could help identify the scammers — though they've not made any public moves to do so.
- "NFT Exchange SudoRare Goes Dark After $820,000 Rug Pull", CryptoBriefing
- "SudoRare Pulled the Rug for $820,000. How Will Kraken Respond?", CryptoBriefing
Group charged for stealing over $4 million in transaction reversal scheme
The U.S. Attorney's Office of the Southern District of New York announced charges against three men responsible for a scheme in which they stole millions from cryptocurrency exchanges and traditional banks. The group used stolen identities to buy cryptocurrency from various crypto exchanges, then convinced the banks that the fraudulent transactions were, well, fraudulent. The banks would refund the transactions to the thieves, who would then make off with both that and the cryptocurrency they had purchased.
The three men were charged with wire fraud, bank fraud, and identity theft charges, and face potential decades in prison if convicted.
- "Three Members Of Miami Crew Charged With Defrauding Banks And Cryptocurrency Exchange Of More Than $4 Million", U.S. Attorney's Office of the Southern District of New York