Ben Adamsky 💭 pfp
Ben Adamsky 💭
@ba
Update on today's incident: We've identified a critical vulnerability in our withdrawal API, where there was an exploit that allowed unauthorized withdrawals to bypass our security checks. We've frozen withdrawing funds on smart wallets until this is fully resolved. Most importantly - all smart contracts, admin wallets, and user smart wallets remain fully secure and uncompromised The root cause was an authentication spoofing technique in our API routes due to architectural constraints within our auth system. We've learned a lot from this exploit and are implementing more robust security measures to prevent a situation like this from ever happening again. All affected users will be refunded this week
7 replies
9 recasts
46 reactions

Miguelgarest pfp
Miguelgarest
@miguelgarest.eth
Can the attacker be traced?
2 replies
0 recast
1 reaction

Ben Adamsky 💭 pfp
Ben Adamsky 💭
@ba
We're looking into that as well, although #1 priority is making sure our users and their funds are safe
1 reply
0 recast
5 reactions

Miguelgarest pfp
Miguelgarest
@miguelgarest.eth
The situation sucks but you guys rock.
1 reply
0 recast
2 reactions

Ben Adamsky 💭 pfp
Ben Adamsky 💭
@ba
Appreciate you 🙏 we'll do everything we can to make this right for everyone affected
0 reply
0 recast
1 reaction