Hello Defiers! Here’s what we’re covering today,
MoonCats, the NFT cats pre-dating CryptoKitties, spur a buying frenzy
Social token platform Roll gets hacked for almost $5.7M
PancakeSwap and Cream get hacked in DNS attack
Ethereum proposal to increase block rewards draws criticism
and more :)
Also, please consider contributing to our Gitcoin grant! We’re using everything raised on this round towards gifting Defiant subscriptions. You can nominate whoever you think would benefit the most from full access to the best DeFi information and journalism out there —including yourself!
Check out Des Femmes, a magazine for women in tech and finance. We need $30k to get the first issue shipped and it would be amazing if you can help make it happen by contributing to its Gitcoin grant. Defiant founder Camila is one of the women behind the project, together with Leigh Cuen and Rosalie Lessard.
🙌 Together with:
Zerion, a simple interface to access and use decentralized finance
Kraken, consistently rated the best and most secure cryptocurrency exchange, which can get you from fiat to DeFi
Casper, an enterprise-focused blockchain which aims to introduce unprecedented security, speed and scale for businesses
TLDR Long, long ago, four billion MoonCats were lost in space. The digital cats were doomed to languish in the wasteland of forgotten blockchain projects —until now. If you’ve followed OpenSea’s NFT ranking list over the past few days, you may have noticed a new, mysterious project called “Wrapped MoonCatsRescue” taking the chart by storm.
BY THE NUMBERS With a seven-day trading volume of 5k ETH, Wrapped MoonCatsRescue is currently second only to CryptoPunks (25.8k ETH) in the weekly ranking, beating out popular NFT mainstays like Rarible, Sorare, and Beeple.
BACKSTORY Back in 2017, shortly after the advent of the first NFT art project, CryptoPunks, but before CryptoKitties unleashed an unprecedented Ethereum-based mania, two developers calling themselves “Ponderware” set out to create blockchain-collectible cats. Their project was called MoonCatRescue. Only 25,600 MoonCats could be brought onto the chain, so “searching for” (or generating) a MoonCat didn’t necessarily mean that cat would be brought into a contract.
CONTRACT BUG The developers’ only attempt to monetize came in the form of “Genesis Cats”—256 unique black or white MoonCats which would be sold directly to users in very limited batches. Unfortunately, the developers ran into a bug which made the funds from these sales inaccessible.
SPARKING THE GOLD RUSH Recently, a Twitter user going by “tilopa” wrote:
“can anyone confirm that https://mooncatrescue.com predates cryptocats? looks like a very early og nft that you can still mint but the ui is broken so you have to interact with the contract directly.”
This was all it took to set off the latest NFT gold rush. Within three hours, the limit of 25,600 on-chain MoonCats had been reached. During this time, users paid nearly $600k USD in gas fees for MoonCat rescues.
TLDR Social money issuer Roll was hacked for nearly $5.7M of creator tokens held in hot wallets on the platform over the weekend.
400+ TOKENS Using Roll’s private keys, the hacker made off with tokens from 400+ creators on the platform. They immediately sold into Uniswap pools created around the vulnerable social tokens and transferred the ETH via Tornado Cash.
“It seems like a compromise of the private keys of our hot wallet and not a bug in the Roll smart contracts or any token contracts,” stated Roll’s post-mortem.
LEGAL ACTION Roll responded with a post-mortem, saying the team intends to take legal action on the malicious actor if found and offering a $500k creator bounty to all communities affected.
WHALE & FWB Of all the tokens affected, Whaleshark’s WHALE token and Friends With Benefits FWB were hit the hardest, losing ~1400 ETH and ~800 ETH respectively.
COMMUNITIES SCRAMBLE The Friends With Benefits token dropped by 99% at the time of the hack. Despite a crisis event, the community rallied together to vote in favor of a new FWB Pro token, expected to launch later this week. The project will airdrop tokens to existing members and speculators at various rates, resetting the slate with a DAO at the helm.
After addressing the issue internally, Whaleshark set out to provide liquidity to other projects as a sign of support.
CENTRALIZATION ISSUES This event showed that many social tokens still suffer from centralization issues as a result of accessibility, as the reason tokens were being held in Roll in the first place was to prevent creators from having to download Metamask to get started with social money.
TLDR Hackers compromised PancakeSwap’s and Cream Finance’s websites yesterday. The Domain Name Service (DNS) attack modified the affected protocols’ website to display a request for the user’s seed phrase, which, if submitted, would compromise their entire account.
Security researcher Stefan Tanase explained to The Defiant that, looking at historic DNS data, “the Pankcakeswap website was resolving to a malicious IP.”
Because the attack was not on a smart contract itself it is still unclear how many users the hacker tricked into sending their seed phrase as well as the total amount the attack netted.
WEBSITE RISK The attack highlighted that while a blockchain can be secure, websites which use them as backends can be compromised. As the DNS was the attack vector, companies like Unstoppable Domains which provide decentralized alternatives to the system took the opportunity to offer their services.
TLDR A new Ethereum proposal, EIP-3368, meant to increase miner rewards, has generated major pushback from the cryptocurrency’s community members like Aftab Hossain, who thinks the proposal distorts Ethereum’s “minimum viable issuance” monetary policy which aims to keep mining rewards as low as possible without compromising security.
DETAILS EIP-3368 proposes to increase the Ethereum block reward from two ETH to three ETH and then taper the reward block-by-block to one ETH over two years. The rationale behind the proposal is that a drop in Proof of Work (PoW) rewards will incentivize miners to sell their hashrate (the computational power used to solve PoW problems), weakening Ethereum network security.
PUSHBACK Some analysts and developers believe that EIP-1559 won’t lead to a large enough drop in total revenue to threaten Ethereum’s security. Crypto researcher, Hasu, for example, believes that EIP-1559 will reduce miner revenue by 20 to 30% which may leave margin enough for miners to continue devoting hashpower to the network.
“Several Twitter users reported today that their accounts on NFT marketplace Nifty Gateway have been taken over by hackers, with the attackers cleaning up whole non-fungible token (NFT) collections and even using their registered credit cards for new purchases,” Decrypt reported.
“Major cryptocurrency exchange Kraken is considering a stock market debut in 2022, according to Fox Business reporter Charles Gasparino,” CoinDesk reported.
Showtime @tryShowtimeWe’re excited to reveal Showtime 🎉 Showtime is a social network to browse and show off your NFTs across Foundation, Zora, Superrare and more! Creators, share us your profile #ItsShowtime https://t.co/zpjM2AUGdl
✊ Head to THEDEFIANT.IO for more DeFi news 📰
🧑💻 ✍️ Stories in this newsletter were written by Owen Fernau, Dan Kahan and Cooper Turley, and edited by Camila Russo. Videos were produced by Robin Schmidt and Alp Gasimov. Podcast was led by Camila, edited by Alp.
The Defiant is a daily newsletter focusing on decentralized finance, a new financial system that’s being built on top of open blockchains. The space is evolving at breakneck speed and revolutionizing tech and money. Sign up to learn more and keep up on the latest, most interesting developments. Subscribers get full access, while free signups get only part of the content. Click here to pay with DAI (for $100/yr) or sub with fiat by clicking on the button above ($10/mo, $100/yr).