Cypher Protocol, situated in Solana, has prevented approximately $600,000 in stolen funds from leaving centralized exchanges.
Cypher Protocol, a decentralized futures exchange based in Solana, managed to freeze $600,000 worth of cryptocurrency taken on August 7 via a security flaw.
In a post on X (Twitter) on August 18, Cypher Protocol reported that, with the assistance of several independent blockchain investigators, more than half of the stolen funds had been effectively frozen across centralized exchanges.
“The return of these funds will be predicated on the cooperation of these CEXs and seizure warrants being issued by law enforcement,” it stated.
update from cypher
~$600k has been frozen across CEXs, the return of these funds will be predicated on the cooperation of these CEXs and seizure warrants being issued by law enforcement
— cypher ©️ (@cypher_protocol) August 17, 2023Cypher was exploited for approximately $1 million on August 7, causing the protocol to suspend intelligent contracts. The DeFi exchange facilitates lending and borrowing via primary accounts with multiple sub-accounts that are cross-collateralized.
Halborn, a blockchain security company, explained that the vulnerabilities prohibited accurate tracking of isolated sub-accounts and insufficient margin checks prior to borrowing.
Using multiple accounts, the attacker exploited these code vulnerabilities to steal an estimated $1 million worth of various crypto assets, including USDT, USDT, SOL, wETH, and a smattering of altcoins. The team contacted the perpetrator on August 10 after offering a 10% white hat bounty worth approximately $120,000.
Two days later, the protocol reported that the intruder had missed the deadline to return the funds and made the reward public. They also alluded to partial knowledge of the exploiter’s identity.
The reward bounty is now open to the public pic.twitter.com/fEIiQ8rTKN
— cypher ©️ (@cypher_protocol) August 12, 2023Cypher announced a redemption plan and “socialized losses policy” to distribute remaining assets to affected users on August 16. It was specified that a redemption package containing protocol assets would be distributed proportionally based on user share.
“The value used for redemption in relation to a margin account will be based on a snapshot of the account’s assets at the time Cypher protocol was frozen,” totaling approximately 31 cents on the dollar, according to the statement.
In its most recent statement, Cypher thanked blockchain sleuth ZachXBT, stating that “he was invaluable to the Cypher team and the primary contributor in the initial freezing of funds across multiple CEXs, as well as assisting in tracking down the attacker.
According to the REKT database, the Cypher exploit was the third greatest in August. DeFi protocol Zunami was the victim of a $2.1 million flash loan attack on August 13, while yield aggregation platform Steadefi was exploited for $1.1 million on August 7.
