First Arbitrum DAO vote spirals into disaster: DAO rejects $1 billion spending proposal, but Arbitrum already started spending

After a bumpy start to the airdrop that distributed governance tokens to Arbitrum users, the first use of those governance tokens arguably went even worse. Arbitrum submitted a proposal for DAO members to vote on various governance processes, as well as the distribution of 750 million ARB tokens to an "Administrative Budget Wallet" — tokens that were priced at around $1 billion.

The vote, which still has a day left before completion, is currently standing at 75% against and 25% in support. However, it was discovered that Arbitrum had already begun spending those 750 million tokens, including via the movement of a substantial amount of tokens, and "conversion of some funds into stablecoins for operational purposes".

Another Arbitrum team member subsequently published a post in which they claimed that the proposal was not really a vote but rather a "ratification" of decisions that had already been made by the Arbitrum team, leading many to question what the DAO was even for in the first place. Others questioned the fact that Arbitrum was receiving so much money to use however they liked, not subject to DAO approval.

Things got even messier when the Arbitrum Twitter account "clarified" that "40M $ARB tokens have been allocated as a loan to a sophisticated actor in the financial markets space", and the rest had been sold off for "operational costs". The loan of $52 million worth of ARB to an unnamed actor and the conversion of another $13 million to stablecoins led some to accuse the Arbitrum team of "selling off", cashing in far more than would likely be required for foundation costs in a brief period of time.

Arbitrum airdrop plagued by downtime, bugs, and scams

A token airdrop from the popular Arbitrum Ethereum L2 illustrated many of the challenges with airdrops: events where tokens are automatically distributed to a group of crypto wallets, in this case based on how much they had used the platform. The tokens will ultimately be used for community voting on protocol changes, but also have value on the secondary market. Users were eager to snap them up, particularly as users speculated that the price could reach $10/token (as yet it has not, remaining around $1.38).

However, the airdrop had a bumpy start, with scammers latching on to the event to proliferate fake airdrop websites. Phishers reportedly scammed more than 10,000 people using these schemes. At one point, Twitter even suspended the real Arbitrum Twitter account after mistaking it for one of the many phishing accounts. Attackers also compromised a Discord account belonging to an Arbitrum developer, using it to post a phishing link to the official Arbitrum Discord server.

Then, when the time for the airdrop came, the token claiming website crashed under the traffic, as did the Arbitrum block explorer. Those who were able to claim their tokens paid exorbitant gas fees, and some wallets attempting to estimate required gas fees malfunctioned, showing estimates in the billions of dollars.

Finally, the airdrop was widely gamed by people commandeering hacked vanity addresses to receive the airdrop tokens allocated to them, with at least $500,000 worth of tokens reportedly claimed by one attacker. Other attackers scrambled to compete with one another to claim tokens allocated to compromised wallets whose private keys had been shared publicly on GitHub and elsewhere, trying to be the first to siphon the funds. Two additional exploiters siphoned a combined total of more than 1 million ARB tokens from other wallets. One sold them for 713 ETH ($1.27 million); the other transferred the ARB tokens to other wallets.

PeopleDAO loses $120,000 after payment spreadsheet is shared publicly

PeopleDAO is the successor to ConstitutionDAO, a group that made an ill-fated attempt to buy a copy of the US Constitution in November 2021. When the accounting lead for PeopleDAO accidentally shared an editable accounting spreadsheet link in a public Discord channel, an enterprising member of the Discord decided to take advantage. They inserted a row with their own wallet address for a 76 ETH (~$120,000) payment, then hid the row so it wouldn't display to the other viewers.

When team leads reviewed the spreadsheet to sign off on the payments, they didn't see the row, and there was no rollup showing total payments or anything else that would've helped them catch the malicious activity. The transactions were uploaded to a tool allowing asset transfers via CSV, and the required six out of nine multisig members approved the transaction.

PeopleDAO have reported that they're working with various security researchers to track the funds, and have reported the theft to the FBI and FTC.

French fry-themed DAO loses $2.3 million due to Profanity exploit

friesDAO describes itself as "a decentralized social experiment where a crypto community builds and governs a fast food franchise empire via wisdom of the crowd". Welcome to the future.

Anyway, friesDAO seems to have fallen victim to the same Profanity vulnerability that has affected projects who used the tool to generate vanity wallet addresses. friesDAO wanted a wallet address beginning with 51D35 ("SIDES"), and as a result they opened themselves up to a major loss.

The project had previously announced that they had raised $5.4 million in funding, suggesting this attack drained almost half of the project's funds.

DAO Maker allegedly tries to dodge hack repayment promises

In August 2021, DAO Maker (not to be confused with MakerDAO) was hacked for $7.38 million. The stolen funds were taken from users, rather than a project treasury, and 5,521 people lost an average of $1,250 each. DAO Maker promised to compensate impacted users with a mix of the USDC stablecoin and USDR: an IOU token that they promised users would be able to redeem a year later for 110% of its dollar value.

Now that year mark is approaching, and a report from Rekt alleges that DAO Maker is trying to wiggle out of their promises through a governance vote, which they've framed as trying to "prevent major $DAO DUMP from USDR distributions". Meanwhile, they've deleted the post that explained the original distribution plan.

Most members of the DAO today were not affected by the attack, and so stand to benefit from not honoring the payout. One voting option suggests that these users "had their chance" to cash out their USDR, apparently ignoring that people were holding out for the promised 110% redemption.

Some whistleblowers have also claimed that team members have recently moved large quantities of DAO tokens to various wallets to vote. Some have also claimed that those team members recommended buying USDR tokens several months ago for below $1.10, as a safe arbitrage opportunity when they became redeemable for that amount.

Blu3DAO faces claims that they've misused grant money to benefit founders

Blu3DAO is a DAO that describes itself as "focused on empowering women, non-binary people, and allies to learn, earn, and play in web3 towards financial freedom". The group was the target of some negative attention two days prior, after an incident in which several members of Blu3 leadership accused a man of harassment at the Devcon Ethereum conference.

On October 11, a crypto developer advocate wrote a thread about the group, starting by saying "Most of the members of Blu3DAO are great people working towards a good cause. Despite this, there have been things around their finances that I personally have found questionable. I've refrained from calling them out & it's something that has bothered me for a long time". She went on to allege that the group had solicited over $1 million in grant money from the Harmony community, misusing a personal relationship with a member of Harmony to continue to obtain grant funding while the group had paused grant allocations, and using funds to personally benefit the founders.

"I run an organization dedicated to advancing womens & nb ppls careers. And this type of grifting only hurts everyone," wrote the developer advocate in her Twitter thread. She also wrote, "In the coming days they'll post some fraudulent report clearing them from wrongdoing. They're running an elaborate scam with many wallets. One of them is literally married to a decision maker at harmony. Lmaooo. Fuck the[m] scammers"

Blu3DAO's founders responded to the allegations by claiming that they had only ever received $75,000 of the $1 million they were committed by Harmony, and that the funds were still in the DAO treasury. They also claimed that the Blu3 DAO members were never paid for their work, and that the money from Harmony was "flow-through reimbursements for scholars/hackers' travel expenses".

Harassment accusation at Ethereum conference triggers wave of online misogyny and racism

A Black woman attending the major Devcon Ethereum community event in Bogotá posted to Twitter a photograph of a man at the conference, writing, "Day 1 of Devcon and a group of us women got harassed by a gross guy! What did the Ethereum Foundation team do? Smiled and chatted with him for 10 minutes and let him go on his way! I feel horribly unsafe at this event. 👎 Take women seriously when they report harassment." Blu3DAO, a DAO with which she is associated and which describes its mission as "empowering women, non-binary people, and allies to learn, earn, and play in web3 towards financial freedom", later also tweeted that "we would like to formally address & acknowledge that an incident has occurred at Devcon", referencing the claim.

The man in the photo subsequently tweeted his version of events, in which he described encouraging the woman and her friends to jump up while taking a 3D photograph, and then giving them a thumbs-down gesture when they reacted in annoyance to him. He then claimed that they harassed him by stalking him throughout the conference and posting his photo online with vague allegations of harassment.

The woman later elaborated on the event that had precipitated her report to Devcon staff, saying the man had been "verbally boo'ing and taunting us" at the photo booth.

It's a little unclear what actually happened at the event and who is at fault, something I don't intend to speculate on as a complete outsider. However, what's not unclear is the reaction from some people in the crypto community, who have used the incident (and their belief that the woman fabricated the harassment story) as evidence that all women, people of color, and "wokeness" are a blight on the crypto space. Various crypto enthusiasts have used the opportunity to denigrate what they view as a general issue of "feminazis", "purple hairs", or "SJWs" in crypto, and DAOs that aim to encourage gender minorities to engage with crypto. "Letting SJWs infiltrate into crypto was a huge mistake", wrote one person. "This is the woke crowd we didn't have to deal with last cycle. They came into crypto with their distorted vision of everything. [Crypto Twitter] got your back, mate."

Bank run leaves BendDAO with 5 ETH and a bunch of NFTs they can't sell

Honestly, who can blame BendDAO for failing to consider that the hype bubble around Bored Apes and other NFT projects might not last forever! "We underestimated how illiquid NFTs could be in a bear market when setting the initial parameters", the project wrote in a governance proposal.

BendDAO allows people to take out loans with their NFTs as collateral. However, if the floor price of those NFTs drops too far and the borrower doesn't pay back some of the loan to adjust its risk rating, other people can bid on the NFT.

The problem with this whole plan was revealed when reports that $5.3 million in Bored Apes were at risk of liquidation shook lenders' confidence. Panicked users withdrew their assets from the platform, resulting in a bank run that drained the reserves to a low of 5 ETH (~$8,200). BendDAO had other assets, of course: the NFTs below the liquidation threshold. However, a lack of interested buyers willing to pay the minimum prices (95% of the collection floor price) left the project in a tough spot.

Since the extremely close brush with a liquidity crisis, the project has begun to consider a proposal that would reduce the threshold at which NFTs can be liquidated, reduce auction and liquidation protection periods, remove the 95% floor price bid requirement, and increase interest rates.

Bribe Protocol team disappears after raising $5.5 million

The Bribe Protocol promised a DAO infrastructure tool where "token holders get paid to govern", and raised $5.5 million in funding in January to work on their extensive roadmap. However, the project leaders have effectively disappeared. There are no posts on the project's Twitter account since May, their Medium page has been untouched since March, and the Discord is a ghost town aside from the occasional message asking about the status of the project and the inevitable reply that the developers had rug pulled.

Bribe Protocol was incubated by Advanced Blockchain AG and Composable. Composable might ring a bell, because in February its pseudonymous head of product, 0xbrainjar, was revealed to be Omar Zaki, who had settled with the SEC over charges that he had misled investors while operating an unregistered investment advisement company and hedge fund. At the time, he wrote that "I do not want a mistake in my youth to cloud all of the team's efforts", though the SEC charge was filed less than three years prior, when Zaki was 21.

An employee of Figment Capital, one of the investors in Bribe Protocol, claimed that the project had formally shut down and returned 86% of the funds raised from institutional investors, though "retail took a huge L". However, this doesn't appear to have been publicly announced by the project.

Bribe Protocol is, of course, not to be confused with the other Bribe Protocol, a defi project that was abandoned in May 2021.

No more Dune or DAO for the Dune DAO

"DAO delusion was at its peak when the community went into this journey together", wrote SpiceDAO founder Soban "Soby" Saqib. SpiceDAO (named for the Dune drug) won an auction to buy a copy of the Dune script bible in January — at $3 million, far above its usual selling price, likely because it was public knowledge how much the DAO had raised. DAO members celebrated afterwards, excitedly anticipating an animated television series based on the book, apparently not realizing that buying a book (even for a very high price) does not confer rights to publish derivative works.

The DAO has stumbled along somewhat since its January victory, encountering issues with making the bible viewable to DAO members without breaking copyright laws, a diminishing treasury due to declining crypto prices, and controversy after Soby was linked to the Remilia Collective.

After all that, the project leader suddenly and apparently unilaterally announced a plan where members could redeem their SPICE for ETH, and stated that they would be removing project leaders, converting the DAO to a private company, and selling the Dune bible (likely at a major loss). It was nice knowing you, SpiceDAO.
