Posts

WinterMute Hack | Bug in Profanity & Stablecoin Laundering

avatar of @idiosyncratic1
25
idiosyncratic1
@idiosyncratic1
·
·
0 views
·
2 min read

WinterMute, the liquidity provider and famous market maker, got hacked due to a bug in the address generator system for hot wallet actions. According to Coindesk crypto news, the total amount of exploit reaches up to $160m cryptocurrencies.

Profanity has an interesting system that automatically generates new addresses for additional security layer. Though it may sound like 100% secure system, it also has some fundamental risks:

Ethereum addresses consist of 40 hexadecimal characters that are usually random — but tools exist to generate a very large number of possible addresses until one is found that contains a certain desired sequence like a word or name. -Verge

If you check Profanity Github, you will see that the number of total forks has reached 173 as of writing. It may clearly explains the previous hack event that was associated with Profanity's vulnerability that resulted in loss of $3.3m Ethereum in total. Still, it is a highly risky mechanism of security that can be adapted for million-dollars projects!

Stablecoin Laundering 2.0

The hacker made a smart move by providing liquidity to 3crv stablecoin pool to make it harder for centralized systems to free his/her tokens in the wallet.

Most of the stolen funds — $114 million in USDC and USDT stablecoins — have been moved to Curve Finance flagship “3Crv” liquidity pool. That may make it harder for centralized stablecoin issuers Circle and Tether to freeze the tokens - The Block

This brilliant idea may open a new era for the stolen stablecoins' destiny. Hackers may not use Wormholes that mix the transactions or make the transactions untrackable; rather, the hackers may provide liquidity, stake their LP tokens and convert them and make it harder to track on chain.

WinterMute Hack is a Case Study!

There are 3 important lessons to be taken.

Lesson 1: When you have enough funds to cover your losses, the market does not react to the hack in a negative way. Though WinterMute is an important player of De-Fi, market did not show an over-reaction to this event ✅

Lesson 2: Do not use pre-mature / not stress-tested security layers. We witnessed that these fancy services may be exploited by hackers smoothly until the hacks are recognized. I'm not sure if Profanity and similar service providers will be trusted as much as before. ❌

Lesson 3: Stablecoin hacks will evolve after this smart move! Honestly, this hack opened some new places in our minds over the possible way that hackers may follow to make it nearly impossible to be tracked on some complex De-Fi products. The moment funds are added to stablecoin pools and LP tokens are switched to several different forms, Centralized Players like USDC cannot freeze any asset that is stolen ❌

The WinterMute case has a potential to be a milestone in De-Fi history. I hope the lessons are taken for every project and institution. Once again we see that blockchain is unstoppable in its nature. Centralized players can interfere till some points ✌🏼

Posted Using LeoFinance Beta