RocketSwap unveils response strategy after $865k hack

August 16, 2023 at 9:43 am

News

RocketSwap unveils response strategy after $865k hack

RocketSwap Labs has unveiled its strategy for recovering from a forceful hack that seized $865,000 (471 ETH) from the protocol on Aug. 14.

The decentralized exchange on Base intends to reintroduce a fresh farming contract and publicly share it on the blockchain, among other measures.

The decentralized exchange on Base agreed upon the emergency program. It will introduce a fresh farm contract by eliminating the proxy contract. Subsequently, it will share its open-source version on the blockchain while advancing the production reduction plan by 0.075 per block.

The emergency programme agreed upon by the team is as follows.

1. We plan to redeploy a new farm contract by dropping the proxy contract and open sourcing it on-chain.

2. The new farm will advance the production reduction plan by 0.075 per block.

3. The team relinquishes…
— RocketSwap (@RocketSwap_Labs) August 15, 2023

Moreover, the team will renounce their minting privileges, retaining only low-risk allocation rights for new pools.

As a result of the team's investigation

We are sorry to inform you that the team needed to use offline signatures when deploying the launchpad and put the private keys on the server.
A brute force hack of the server was detected, and due to the proxy contract used for the farm…
— RocketSwap (@RocketSwap_Labs) August 14, 2023

This announcement is a follow-up to the platform’s Aug. 14 Tweet, where they admitted users’ losses after a hacker stole approximately 471 ETH.

The investigation determined that offline signatures were necessitated during this process, prompting the storage of private keys on the server.

This vulnerability was exploited through an alleged brute force hack that targeted the server infrastructure, resulting in the unauthorized transfer of assets belonging to the farm.

RocketSwap’s responses garnered significant backlash from the community, with one platform user stating this was a terrible reaction to the news. Moreover, this was not the first incident.

https://twitter.com/0xdashen/status/1688690553410801668

Just one week earlier, on Aug. 8, a community member unearthed deleted posts from RocketSwap. They revealed a disconcerting admission by the team regarding a transaction error involving $69,000 worth of native tokens (RCKT), which were inadvertently sent to malicious actors.

A push for more robust regulation

As the year 2023 unfolded, millions of dollars have already been lost to DeFi hackers, including $287,000 from Aave’s Earning Farm on Aug. 9.

Consequently, many in the community continue demonstrating a solid collective commitment to enhancing security within the cryptocurrency sector, echoed throughout the industry. However, few changes have been unveiled to the public as of yet.