Initial Stage: "Socializing" Losses
Crypto trading platform Cypher has revealed its strategy to recover from a $1 million exploit that occurred on August 8. In the initial stage of the plan, the Solana-based platform will distribute losses across all accounts rather than burdening any individual or group. To begin the recovery process, Cypher will create a "pro rata redemption package" of its current assets, which users will be able to withdraw through a web interface. However, it's important to note that the platform currently lacks sufficient funds to repay all depositors.
Second Stage: Raising Funds through IDO
In the second stage of the recovery process, Cypher will raise funds through an initial DEX offering (IDO). These funds will be used to pay for audits and further development of the platform. Simultaneously, users will receive a "debt token" representing the assets they are still owed by the protocol. The debt token will grant them future profits generated by Cypher in the form of USD Coin (USDC), ultimately allowing users to be compensated for their losses.
Audits and Security Measures
Cypher's team has expressed their commitment to rectifying users' financial losses as their top priority. Once the funds are repaid, the protocol plans to engage auditors OtterSec and Mad Shield to perform public audits on the patched version of Cypher. The goal is to identify and address any potential vulnerabilities, ensuring a secure and robust platform in the future. In the meantime, the app's smart contracts will remain frozen, ensuring the safety of users' assets.
Recovering Frozen Funds
Approximately $600,000 worth of crypto that was drained in the attack has been frozen by centralized exchanges, preventing the attacker from cashing in on their illicit gains. Cypher has announced its intentions to work with these exchanges to recover the frozen funds for users. Additionally, the platform is open to exploring other avenues such as seizure warrants issued by law enforcement to regain the funds and compensate affected users.
The cause of the $1 million exploit is still under investigation by security researchers.
