Yuga Labs' 3-week-long "Dookey Dash" game tournament ends amidst allegations of widespread cheating

February 8, 2023

Yuga Labs' 3-week-long "Dookey Dash" game tournament ends amidst allegations of widespread cheating

A monkey sits atop what appears to be some kind of underwater motorcycle, navigating through a murky sewer pipe with various obstacles in the distance

Yuga Labs released an endless runner game called "Dookey Dash" (really) where players compete to see how long they can keep their character navigating through a sewer pipe without crashing. Access to the game is granted through "Sewer Pass" NFTs, which can be claimed by people who own Bored Apes or Mutant Apes, but which were also trading on the secondary market for around 3.1 ETH ($5,100).

Yuga Labs has said that, following the end of the three-week-long game tournament, the Sewer Passes with non-zero scores in the game will transform into something new, with the idea that higher scorers may receive more valuable NFTs.

This, of course, incentivized users to try to cheat in the game by creating bots, changing the browser-based game code to eliminate obstacles, or access game seeds that allowed them to predict the layout of a course run. Sewer Pass holders began paying others to play their game for them — either more skilled players, or players who were using these tools. Some were charging up to 2.5 ETH (~$4,200) to obtain scores of 700,000 or more for those who hired them.

Yuga Labs has promised to review gameplay to ensure that those who cheated are disqualified. They've also warned people buying Sewer Passes after gameplay ended that if they buy a pass that is determined to have cheated, it will be worthless. Some are skeptical of Yuga's ability to accurately detect cheaters, and others have expressed concern over false positives in the game's cheat detection that appeared to be caused by slower Internet connections.

February 8, 2023

Creator of MetaBirkins NFTs loses trademark infringement lawsuit from Hermès

A digitally rendered handbag resembling a Birkin bag, which has been covered in faux fir with a yellow smiley face print

MetaBirkin #98 (attribution)

A year ago, the Hermès luxury brand slapped Mason Rothschild, creator of "MetaBirkins" NFTs, with a trademark lawsuit. The suit centers on his NFT collection: a series of 100 digitally rendered, faux-furry handbags resembling the luxury Birkin bag design. The NFTs had enjoyed $1.2 million in trading in their two months of existence before the lawsuit was filed, and Rothschild estimated he made around $125,000 from the project.

Rothschild tried to argue that his work echoes Andy Warhol's Campbell's soup cans and other "brand art".

Hermès, on the other hand, argued that Rothschild was simply a "digital speculator" hawking a "get rich quick" scheme, and trying to profit off consumers' confusion that the NFTs were an official Hermès production. They claimed they have their own plans for NFTs, and that Rothschild impeded those with his project.

Ultimately, the jury found that Rothschild had infringed upon the Hermès trademark, and awarded the company $133,000 in damages.

"[Hermès] feel they have the right to choose what art IS and who IS an artist... Not because of what they create but because their CV doesn't scream artist with a pedigree from a world class art school," accused Rothschild after the decision, though he was not actually the designer of the images used in the NFT project.

February 7, 2023

Coin Cloud crypto ATM operator files for bankruptcy

CoinCloud crypto ATM (attribution)

The US-based company Coin Cloud, which operates crypto ATMs in the US and Brazil, filed for bankruptcy on February 7. They are the second largest crypto ATM operator in the world, and also in the US.

The company disclosed liabilities between $100 million and $500 million, and assets between $50 million and $100 million. In a filing, they reported they had 5,001–10,000 creditors.

By far the largest creditor is Genesis, a crypto lending firm that is also undergoing bankruptcy proceedings. Coin Cloud has a $116 million loan from Genesis, around $108 million of which is unsecured. Coin Cloud also owes a $7.6 million secured debt to crypto lending firm Enigma.

According to Coin Cloud, contributing to their bankruptcy was a $35 million deal with a vendor who they allege sold them faulty ATMs in February 2021, and with whom they are in litigation. Furthermore, in September 2021, the firm providing Coin Cloud's ATM software tried to terminate their software agreement, and pushed a software update that rendered the machines inoperable, causing days- or weeks-long outages. Coin Cloud decided to deploy unfinished ATM software that they had been using internally, and which was quickly hacked for around $6.5 million. Finally, Coin Cloud claims a chief marketing officer they hired lied about his credentials, and then spent $20 million more than he was budgeted.

February 6, 2023

Webaverse discloses $4 million theft via a mysterious social engineering attack

(attribution)

The metaverse gaming company Webaverse disclosed on February 6 that they had suffered a $4 million theft several months earlier. They outlined what appeared to be a complex scam in which individuals posing as venture capitalists convinced them to meet in person in a hotel lobby in Rome, transfer funds to a new crypto wallet, and show it to them. The Webaverse team appeared to believe that the scammers somehow managed to steal funds from the wallet solely by taking photographs of the new Trust Wallet, with no QR codes or private keys showing.

Trust Wallet published a thread about the theft, characterizing it as a social engineering scam perpetrated by an "organized crime unit from Rome". However, they didn't clearly address the claims about funds being stolen via a photograph of the Trust Wallet. Trust Wallet seemed to suggest they believed that the theft may have been perpetrated via malware transmitted in a PDF containing KYC information.

Webaverse described the incident as "undoubtedly a setback", but expressed belief that they would be able to continue operating.

Webaverse theft statement, Google Doc
Tweet thread by Trust Wallet

February 6, 2023

Binance suspends USD bank transfers

(attribution)

Binance announced that they would be "temporarily suspending USD bank transfers" with two days notice.

This comes in the wake of various crypto exchanges — Binance included — appearing to have difficulties with banking. On January 21, Binance announced that users wouldn't be able to use SWIFT for transfers below $100,000 via Signature Bank. Meanwhile, Crypto.com's Lithuanian payment processor, Transactive, has faced a crackdown from the Lithuanian banking regulator leaving Crypto.com users without access to Euro-denominated deposits and withdrawals.

February 3, 2023

Logan Paul slapped with a class action lawsuit over CryptoZoo rugpull

A pixel art bear with a duckling(?) head

A "Bearling" zoo creature from Paul's promised CryptoZoo game (attribution)

Logan Paul is now facing a class action lawsuit over his CryptoZoo project, a planned NFT game that Paul apparently lost interest in and abandoned — after profiting handsomely, of course, off his fans who put millions into the project.

Scam sleuth CoffeeZilla dug into the project in a multipart YouTube series recently, drawing legal threats from Paul. After plenty of negative publicity, Paul withdrew the legal threats and promised to develop a refund plan for some of the funds that were invested, though it is a small fraction of the money lost in the project.

Rather than wait to see if Paul comes through with refunding only a small portion of their money, a group has formed a class action lawsuit against Paul and others who helped with the project. The lead plaintiff put a total of around $3,000 into the project altogether.

The suit accuses Paul and his team of a whole host of charges including fraud, breach of contract, unjust enrichment, deceptive trade practices, negligence, and fraudulent misrepresentation.

Holland v. CryptoZoo, Inc.

February 2, 2023

Orion Protocol suffers $2.9 million hack

(attribution)

The decentralized exchange Orion Protocol suffered a loss of 1,757 ETH (about $2.9 million) from the company treasury funds thanks to a reentrancy attack.

Orion Protocol CEO Alexey Koloskov wrote a Twitter thread confirming the attack, but claiming that although they weren't sure how the hack was perpetrated, it wasn't due to the fault of their own code. Koloskov wrote that he thought the issue "might have been caused by a vulnerability in mixing third-party libraries in one of the smart contracts used by our experimental and private brokers."

February 1, 2023

Bonq defi borrowing project exploited

(attribution)

The Polygon-based defi borrowing protocol Bonq suffered an attack in which 112 million ALBT tokens and around 100 million BEUR tokens were stolen. A flaw in the protocol enabled the attacker to modify oracle prices, allowing them to mint new ALBT and BEUR for significantly less than market price.

The attacker quickly bridged the tokens to the Ethereum chain and swapped them for ETH and USDC, collectively worth around $1.7 million. The price of ALBT plunged around 50%, and the BEUR Euro-pegged stablecoin significantly lost its peg.

January 31, 2023

Bitcoin community erupts over "Ordinals": Bitcoin-based NFTs

A black pixel-art skull resembling a calavera, on a white background

Inscription 0, the first Ordinals NFT (attribution)

A recent project called "Ordinals" has the Bitcoin community up in arms. The project is the latest attempt to introduce NFTs to the Bitcoin blockchain, a controversial subject among a group of people with strong ideological beliefs about what Bitcoin should be. Ordinals takes advantage of a change in the blockchain codebase called SegWit that was introduced in 2017, and stores NFT data in a portion of the transaction called the "witness". Some think this is a clever hack, while others think they're abusing the design.

Following the change, Bitcoin block sizes have reached all-time highs nearing 2.5 MB. Some are not thrilled that the size of the chain is ballooning with what they view to be junk data, given the whole thing needs to be recorded forever.

Longtime Bitcoin Core developer Luke Dashjr described Ordinals as a "spam attack" and an "attack on Bitcoin's fungibility", warning they would "break" the major Bitcoin-based projects Lightning and CoinJoin. He has argued that the miners should begin filtering the transactions as spam, which brought strong reactions from some in the community who pushed back that Bitcoin should be censorship resistant. "1) Bitcoin hasn't been censorship-resistant since mining centralisation. 2) Censorship resistance is about censorship, not fighting spam/attacks," he replied. Dashjr's fellow Core developer Adam Back also seemed unimpressed with the project, tweeting about Ordinals' "sheer waste and stupidity".

Ordinals are not the first Bitcoin-based NFTs, but they are the most recent and perhaps the most popular. On February 9, an "Ordinal Punk" — a Bitcoin-based homage to Ethereum's CryptoPunks — sold for 9.5 BTC (~$218,000).

January 31, 2023

Rally sidechain shuts down with under a day's notice, taking users' tokens with it

(attribution)

Rally is an Ethereum sidechain built to support "social tokens" — typically, tokens intended for fans of various celebrities or groups.

Fans of creators including Felicia Day (actress and famous nerd), Brandon Powell (LA Rams wide receiver), and Portugal. The Man (rock band) may be disappointed, however, because Rally announced with under one day of notice that they would be shutting down. "This means that after today, the site will no longer be supported and you may experience a degradation in services or it may simply become inoperable. Additionally, since NFTs on the Rally sidechain are not transferable to mainnet, these will not be accessible once the site shuts down," they wrote in an email. The project also deleted its Twitter account.

The group behind the Rally Network had raised $57 million in funding in 2021, and was backed by VCs including Andreessen Horowitz.