April 25, 2022       /       Unchained Daily       /       Laura Shin

Daily Bits ✍️✍️✍️

  • Coinbase stock is at an all-time low.

  • Binance denies a report that it agreed to share user data with Russian agencies.

  • MetaMask briefly stopped working on Friday during an Infura service outage.

  • Grayscale noted SEC inconsistency in its latest case for a spot bitcoin ETF approval.

  • Compass, a US crypto miner, is selling roughly $30 million worth of equipment in Siberia in the wake of the US sanctioning BitRiver.

  • OFAC added three more Ethereum addresses associated with the Ronin bridge hack to its sanctions list.

  • Crypto lender Celsius is warning customers that its token, CEL, is susceptible to regulatory risks.

Today in Crypto Adoption…

  • Stripe announced crypto support for “Connect,” their artist-driven payments platform.

  • Tennessee is preparing to hold cryptocurrencies.

  • Animoca Brands plans to acquire more companies to help make NFT games.

  • The NBA’s NFT launch last week was exploited, with all NFTs being unfairly minted in less than an hour.

  • Crypto.com (disclosure: a current sponsor of Unchained) is backing a crypto research program with MIT.

  • Nike and RTFKT revealed their first wearable NFT.

The $$$ Corner…

  • Bastion, a lending project on Near, raised a $9 million Series A.

  • Polygon plans to invest $100 million in Supernet chains.

What Do You Meme?

What’s Poppin’?

The Aku Mint Was Far From Dreamy

 

AkuDreams, an NFT collection created by Micah Johnson, experienced a smart contract bug during its mint that locked away $34 million of ETH – which can no longer be accessed by the Aku team nor NFT buyers.

According to 0xInuarashi, an anonymous crypto developer on Twitter, the contract fell prey to three bugs. The first was corrected, and the second led to $34 million in ETH being locked forever.

 

  1. The contract was written so that a single user sending a malicious contract call could freeze the refund capability of the Aku mint. However, this was eventually rectified by the hacker, who wrote on chain that “you guys [the Aku team] publicly acknowledge that the exploit exists, I will remove the block immediately.” Notably, this bug was hinted at on April 22nd by @notchefbob, but the team denied anything was wrong at the time.

  2. The team structured their own withdrawal tool in a way that miscounted bids, requiring a total of 5,495 bids to withdraw the $34 million in ETH, when they only received 3,669.

 

The Aku team is currently working on a plan to rectify the situation. Pass holders for the Aku mint will receive a .5 ETH refund on Monday or Tuesday. (Ironically, this refund is delayed due to Aku using a bank for their company Treasury). As of mid-afternoon on Sunday, the team is rewriting their minting contract, with plans to airdrop the NFTs at some point in the near future.

“Im so sorry. Im so sorry to the Aku family. I care so deeply about the Aku family, I let you all down & I’m so sorry,” wroteAku creator Micah Johnson on Twitter.

Recommended Reads

  1. Knower dropped a new crypto-market update:

  1. a16z’s Porter Smith on stablecoin design:

  1. CoinDesk on the six things you should know about Crypto Twitter:

On The Pod…

The Chopping Block: How to Improve DeFi and Cross-Chain Bridge Security

Welcome to The Chopping Block! Crypto insiders Haseeb Qureshi, Tom Schmidt, and Tarun Chitra chop it up about the latest news in the digital asset industry. On this episode, Laura Shin, the host of Unchained and author of The Cryptopians, also joined the conversation. Show topics:

  • how people have responded to The Cryptopians

  • why traditional publishers were reticent to publish the story revealing the alleged DAO attacker’s identity

  • what lessons can be learned from North Korea’s alleged involvement in the Ronin bridge exploit

  • what zero-knowledge proofs work and how a miscalculation in a whitepaper almost caused major issues in the crypto world this week

  • how math proofs and reporting specifications work in the crypto space

  • why security engineers, like samczsun, are so hard to come by

  • how an attacker was able to steal ~$80 million from Beanstalk in a governance attack

  • @hosseeb vs. @haseeb

  • the difference between being in crypto and covering it as a journalist – and why Laura sees herself as more a “referee” than a participant in the crypto space

  • whether DeFi hackers can actually cash out of their positions

  • why Tarun is worried about Ethereum’s security in the wake of the merge being delayed even further

  • what staking derivatives are, and how tradfi companies are using Lido to lever up

  • why traditional funds getting into crypto has Tarun worried about Anchor

  • why the guys think Cosmos is more popular than Polkadot

Book Update

My book, The Cryptopians: Idealism, Greed, Lies, and the Making of the First Big Cryptocurrency Craze, which is all about Ethereum and the 2017 ICO mania, is now available!

You can purchase it here: http://bit.ly/cryptopians