RocketSwap - REKT
Base is having its moment in the spotlight.
But presumably not for the reasons Coinbase would like.
RocketSwap has lost ~$869k to compromised private keys, allegedly stolen in a bruteforce attack on the project’s server.
And it’s not even the first time they’ve been in hot water.
Two weeks ago, the high-profile rugpull of BALD was followed quickly by LeetSwap getting rekt.
This feels like the same old familiar story of low-effort cash grabs capitalising on the FOMO of missing the 'next big thing'.
If Base is supposed to be our new hope for a boom in retail adoption, we'll have to do better than this…
Credit: Certik, Peckshield, RocketSwap
At approximately 11pm UTC on August 14th, RocketSwap's farming contracts were drained via an internal address.
According to the project's announcement of the incident, if the team is to be believed, the keys were bruteforced from the server on which they were stored:
We are sorry to inform you that the team needed to use offline signatures when deploying the launchpad and put the private keys on the server.
A brute force hack of the server was detected, and due to the proxy contract used for the farm contract, there were multiple high-risk permissions that led to the transfer of the farm's assets.
We shut down the farm to prevent further damage.
The team have promised to redeploy the farming contracts directly, i.e. not via a proxy contract, and relinquish minting privileges.
But with comments disabled on their tweets and the community Telegram also on pause, one wonders why they are so keen to control the narrative…
Attacker’s address: 0x96c0876F573e27636612CF306C9db072d2B13DE8
The attacker bridged 472 ETH back to Ethereum and launched their own memecoin with 400 ETH liquidity, maybe hoping for a repeat of the BALD frenzy.
While Base may be Coinbase signaling to the community that they still believe in crypto's core principles, especially whilst under pressure from the SEC, this messy start might just spur on Gensler even further.
Building on top of OP, one of the more utopian visions for crypto and with a strong focus on public goods, is a show of support for what the tech could accomplish and a motivating force during times when spirits are low across the industry.
Though even the most well-intentioned platforms sometimes beggar belief with their inability to read the room.
But Base itself is, so far, drawing parallels to the early days of BSC, a new chain launched by a CEX, full of memecoins and quick rugs (another project, SwirlLend, has rugged since).
This stage may just be part of the natural evolution of a new chain...
Are all experiments destined to go through the same ordeal?