Bitcoin prices rise on PayPal crypto news. US reticent on CBDC.

Bitcoin prices rise on PayPal crypto news. US reticent on CBDC.
  • Bitcoin prices rise on PayPal’s cryptocurrency news
  • US Fed not yet sold on digital dollar
  • USDC stablecoin adds Solana blockchain to rely even less on Ethereum
  • In China: new DCEP digital currency law; digital yuan to be used by 80,000 rural banks
  • Funding spotlight: Bangalore-based Signzy raises US$5.4 million
  • From the Editor’s Desk

    Dear Reader,

    286 million customers. 

    The digital assets / cryptocurrency space just got a little more crowded. That’s how many active users PayPal currently serves… and now in the cryptocurrency space. With billions of transactions per year, PayPal now also wants to add cryptocurrency into the mix, allowing users to buy and sell via its new digital wallet. As one of the biggest and best-known online payments brands in the world, PayPal has now created an on-ramp to cryptocurrencies for mainstream customers. And if you have any doubt as to what this means in terms of liquidity, you need not look further at bitcoin prices on the heels of the announcement. Bitcoin prices climbed 5% as PayPal announced it is launching its own cryptocurrency service last week. 

    It’s a natural progression if you think about it. As cryptocurrencies and alternative digital assets become more mainstream, so too are mainstream firms engaging and exploring how they want to participate. Question is, are everyday retail customers ready to explore the sometimes murky world of cryptocurrency trading, price volatility and yield farming in DeFi? Baby steps first.

    This week’s Current Forkast notes that necessity is the mother of invention. We are seeing this play out in real time as global markets react to Covid-19 slowdowns, political instability and trade tensions. As the appetite for alternative assets grows, the desire to diversify and hedge intensifies. Trusted brands, from businesses to sovereign nations, are all getting in on the act.

    Until the next time,

    Angie Lau,
    Founder and Editor-in-Chief

    By the numbers: PayPal — over 5,000% increase in Google search volume.

    Global online payments system PayPal unveiled a new service to buy, hold and sell Bitcoin, Ethereum, Bitcoin Cash and Litecoin directly within users’ PayPal digital wallet. The service will be made available to U.S. users in the coming weeks and will expand to international markets in the first half of next year. 

  • Following the announcement, bitcoin’s prices topped US$13,000 for the first time since July 2019 and is currently trading at $13,763 at the time of publication, according to CoinMarketCap data. PayPal also hit its all-time high on Nasdaq (PYPL).
  • PayPal may not be finished here. On Friday, Bloomberg cited “people familiar with the matter” to report that PayPal may be looking into acquiring multisignature bitcoin custodian BitGo.
  • Forkast.Insights | What does it mean?

    PayPal supporting cryptocurrency should be groundbreaking news. On any over-the-counter exchange, like LocalBitcoins and Paxful, people have been buying and selling crypto for years — albeit against the payment processor’s terms and conditions. According to publicly available data, LocalBitcoins has between US$2 million and $7 million a day in volume and there are currently 215 traders that use PayPal. Its bigger brother, Paxful, does just over $1.6 billion in volume a year and has dozens of traders offering the same.

    In short: this is a major market that operates in the gray area, as PayPal is known to lock and throw away the key accounts suspected of trafficking in cryptocurrency. So surely this is something the company would want to bring in from the cold with this announcement? No, not really. The company is quick to highlight that while you can buy and cash out cryptocurrency, you can’t transfer crypto outside of PayPal.

    It’s safe to assume that PayPal is right now battling the leviathan of global financial regulations to prepare for its next move. While PayPal is an authorized money transmitter in dozens of countries around the world, regulators have a spectrum of opinion on cryptocurrency. Mass adoption of the Financial Action Task Force’s “Travel Rule” would be a necessary first step. The question of custody is also one regulators are considering but don’t have a universal answer for. In PayPal’s case, you don’t control the keys, thus PayPal retains custody of the coins.

    So what’s the point of all of this? Exposure to an alternative asset class, but also preparing to create on-ramps to future digital assets like a galaxy of stablecoins or even CBDCs that are blockchain-based, like France’s effort. 

    This isn’t as exciting of an announcement as many had hoped, but for an organization as large and established as PayPal, anything like this would come in the form of baby steps.

    By the numbers: CBDC — 5,000%  increase in Google search volume.

    Jerome Powell, the Federal Reserve chair, has again reiterated that the U.S. is in no hurry to launch a central bank digital currency (CBDC), stating it is “more important to get it right than to be first.” Speaking at an International Monetary Fund virtual seminar on cross-border payments and digital currencies, Powell stressed the importance of private sector collaboration. 

  • Bahamas has launched its sovereign digital currency, the “sand dollar,” this past week. The Bahamian dollar is pegged to the U.S. dollar on a one-to-one basis. 
  • Forkast.Insights | What does it mean?

    Unlike China with its new DCEP digital currency, there may not be a pressing need to launch a U.S. CBDC immediately.

    The U.S. doesn’t have the same need to build its currency’s liquidity. While China might force international firms that wish to trade with it to use DCEP, most businesses by default will likely still settle transactions in USD simply because it’s the most liquid currency out there. CBDCs are being seriously eyed by aspiring regional hegemons like Brazil to throw its weight around, but the U.S. doesn’t have that problem. The E.U. is said to be considering one, but there’s not the same driving force behind it, as the continent doesn’t have a quest for liquidity — it’s already there. Japan, known for its ultra-conservative central bank, has its eyes on CBDCs not because of its desire to innovate but rather as a defensive move to protect the yen as an international currency.  

    Where the U.S. does have a problem is the need to print more money to fuel its growing debt and deficit load thanks to Covid-19. In the usual understanding of economics, once the money supply hits a certain point, inflation rears its ugly head. And that’s why the Fed wants to take its time to get a U.S. CBDC right. If it can pull it off as a way to bypass the usual rules about money supply and inflation, it’ll be an incredible tool in its portfolio. But do it the wrong way, and it could have an opposite effect: an acceleration of inflation. 

    By the numbers: Solana — over 5,000% increase in Google search volume.

    Within a week of USDC’s announcement that it would integrate with the Stellar blockchain, Coinbase and Circle’s stablecoin announced its migration into a fourth blockchain, Solana. 

  • USDC is the world’s second largest stablecoin by market capitalization. The world’s largest, Tether, also announced its integration with Solana last month. 
  • Forkast.Insights | What does it mean?

    For an industry vertical with the word “decentralized” in its title, it’d be awfully ironic if it remained clustered around Ethereum. 

    Although Ethereum is one of the biggest and most liquid of all the blockchains, its scale also works against it. It just can’t seem to keep up with new startups that seem to be able to build blockchains that are cheaper and faster. Case and point: Ethereum has a 15-transactions-per second cap while Solana can push out over 50,000. 

    There’s no point in any stablecoin remaining just on one blockchain. Just as “rising tides lift all ships,” the liquidity of adding an in-demand payment rail like a stablecoin to the platform will boost overall demand for it and make it break out from the rest of the pack of technically impressive but underused blockchains. 

    Exchanges are also stakeholders in this too. If Ethereum gets jammed up because of DeFi, it can have consequences downstream. FTX is smart to use this as a chance to launch ‘Wormhole,’ a decentralized exchange to swap Solana for stablecoins or other tokens without the use of Ethereum.    

    Ethereum-reliant DeFi had never been challenged by a lack of liquidity. But the ultra-high gas fees that latency-sensitive DeFi caused has hurt other projects on the network and created a demand for firms like Alchemy, which provides workarounds for the gas problem. One solution to the problem may be to lessen reliance on Ethereum, which is what USDC appears to be doing. 

    China‘s central bank drafted a banking law, which provides a legal basis for DCEP — the Chinese central bank digital currency — and outlaws all other digital tokens.

  • People’s Bank of China (PBOC) has issued a revised law on its website for public comments. Article 19 confirmed digital yuan as legal tender, stating: “the unit of renminbi is yuan, and the unit of RMB currency is jiao (1/10) and cent. RMB includes the physical form and the digital form.”
  • Addressing initial coin offering(ICO) and other tokens trade, Article 22 clarifies that no group or individual may produce or sell tokens, coupons and digital tokens to replace renminbi or be used as renminbi substitutions circulating in the market. If the case is serious enough, offenders could be put in jail. 
  • The Digital Currency Research Institute, a unit of People’s Bank of China (PBOC), signed a pact with Rural Credit Banks Funds Clearing Center (RCBFCC).

  • In the contract, DCEP, as an economic infrastructure, will be widely used in China’s countryside.
  • RCBFCC was established in 2006 to serve as a national clearing entity for China’s small and medium-sized rural financial institutions. It currently covers nearly 80,000 rural credit unions, rural commercial banks and rural cooperative banks around the nation. 
  • Forkast.Insights | What does it mean?

    The PBOC’s law about how DCEP is the only digital representation of the RMB that makes sense within the context of China’s tightly controlled economy where capital inflow and outflow is closely monitored. A liquid, successful DCEP used to settle international transactions that have a nexus to China would create a market for trading offshore DCEP and an RMB stablecoin — which in turn could be a way to bypass capital controls. An offshore stablecoin trading hub would also serve as a tool for true price discovery of the RMB, as there would be no pegs, something which authorities in Beijing relish. 

    More pressing, however, is how this would impact China’s major mobile payment platforms WeChat Pay and Alipay. The two of them have digitized a fair amount of the nation’s money supply. Would this law force them to relinquish their ability to digitize currency and force-adopt DCEP as a payment rail? The two platforms aren’t going to disappear, they will likely just be revised. It’s not a question of WeChat Pay, Alipay, or DCEP but rather how can DCEP be seamlessly integrated into both. Alipay has published a number of patents relating to DCEP and how the company could work as a secondary issuer of a digital currency as a third party agent.  This recent law from the PBOC may be the next step in that direction.  

    Signzy — venture round, India, US$5.4 million

    Bangalore-based Signzy has raised a $5.4 million round led by Arkam Ventures and Mastercard. Signzy has an artificial intelligence-assisted ID verification platform that allows banks and financial institutions to weed out fraud and tighten up their know-your-customer (KYC) process. Of particular interest to Mastercard may be Signzy’s Video KYC solution, which offers an efficient onboarding process to verify someone’s identity and ensure that they are actually alive. 

    Forkast.Insights | What does it mean?

    In emerging markets like India, the quality of identification documents and corresponding material to support someone’s claim are sometimes questionable. AI-assisted identification verification services are nothing new, but are reliant on access to high-quality supporting databases such as voting records, centralized property directories, or utility records. In markets where this data might be spotty, advanced AI algorithms could pick up the slack. 

    As challenger banks and financial institutions take off in India, we can expect more of this. The country, and other emerging markets, have KYC/AML laws that they would like to strengthen as they formalize the informal economy. As such, the requirement for these institutions to have a solid platform like this as part of their onboarding process will only strengthen and in turn drive demand for firms like Signzy. 

    Source: otcpm24.com

    Author: News Bureau


    $50 Million Lost: The Top 19 DeFi Cryptocurrency Hacks of 2020

    $50 Million Lost: The Top 19 DeFi Cryptocurrency Hacks of 2020

  • The DeFi surge in 2020 led to more than a dozen hacks over several months.
  • More than $50 million was lost due to bugs, exploits, and hacks.
  • Although some losses were recovered, DeFi users need to stay vigilant when interacting with applications.
  • DeFi is nothing short of a revolution. Automated blockchain-based financial primitives open a world of possibilities to disrupt traditional finance and make it more accessible.

    This immense potential attracted a massive wave of users and investors to the space. In a matter of months, the total value locked (TVL) in DeFi protocols reached more than over $13 billion. 

    Meanwhile, activity on the DeFi epicenter blockchain, Ethereum, skyrocketed. The benefits appear to be endless, too. 

    Bringing financial activity on-chain allows for automation, trustless setups, and transparency. 

    However, it also creates numerous attack vectors, impossible in traditional finance. 

    The majority of DeFi projects are open-source, meaning that code is easily accessible via GitHub for inspection both by well-intentioned and malicious users. If wrongdoers find bugs first, they can steal other users’ funds.

    Besides bugs in code, DeFi applications are vulnerable to external exploits as well. DeFi’s efficiency mostly depends on composability, meaning that the more projects that are interconnected, the more value they can provide. Hence, exploiters can game the system and cause protocols to behave in ways not intended by developers.

    The irreversibility of blockchain transactions exacerbates the situation. If hacks occur, funds are likely lost for good, though some projects will reimburse users from their pockets.

    The following is a collection of over a dozen hacks and exploits within DeFi in 2020. 

    Although DeFi experienced explosive growth after introducing the Compound liquidity mining program, the space has been brewing since 2014. Many platforms existed and suffered from hacks before the DeFi summer of 2020.

    bZx, a DeFi project focused on margin trading and lending, had a troubled start of 2020 with two consecutive hacks resulting in almost a million-dollar loss. The attacks occurred on Feb. 14 and Feb. 18.

    Hackers didn’t find any bugs in bZx smart contracts. Instead, they exploited the interconnectedness of DeFi protocols. The exploit involved taking out flash-loans (borrowed and repaid in a single transaction) and manipulating asset prices to drain funds from lending pools by taking larger loans than was possible under normal circumstances.

    The platform covered losses from its insurance fund, which receives 10% of all interest lenders earn.

    On Apr. 19, a hacker took $25 million from a decentralized lending platform Lendf.me, which was functioning under the umbrella of the Chinese DeFi platform dForce. The hack used a well-known vulnerability of Ethereum, which was used in the infamous DAO Hack in 2016.

    Ethereum’s ERC-777 token standard has a vulnerability, enabling an attacker to drain funds from some smart contracts holding them. An imBTC token that represented BTC on Ethereum was the ERC-777 standard, which allowed an attack vector.

    Notably, the hacker returned stolen funds to Lendf.Me admin, which didn’t save dForce from criticism.

    The same attack involving imToken occurred on Uniswap around the same time as on dForce, but hackers managed to drain much less – $300,000.

    The options platform Hegic wasn’t attacked by anyone, yet a typo in the project’s code led to freezing users’ assets.

    Traders and holders can use options on Hegic to insure against price volatility. Consider ETH is worth $500, and a user buys an option contract, which enables them to sell one ETH for 500 DAI within some time window. If ETH price tanks to $400, the user can safely exercise the contract, liquidating their position for 500 DAI.

    On Apr. 25, Hegic published a warning about a typo in the smart contract, which led to freezing funds in unexercised contracts. If a user didn’t use their option, somebody had to unlock assets, but they couldn’t due to a typo. 

    Hegic’s founder reimbursed everyone who suffered.

    Maker found itself in a predicament after the crypto market crashed on Mar. 12. The platform ended up in over $8 million in debt as some of its loans were liquidated for free.

    Since Maker is decentralized, it can’t use credit scores to verify the creditworthiness of its borrowers. Hence, loans on the platform are overcollateralized, meaning that a borrower supplies more assets that they can take out.

    If the collateral value goes below a certain threshold, the loan is marked as undercollateralized, and liquidators can participate in an auction to liquidate the loan for a 13% reward. 

    When the market crashed, the activity on Ethereum soared as users panicked. 

    The network’s low throughput led to congestion, and many liquidators on Maker stopped working. Consequently, a handful of liquidators won auctions for free because there was no competition.

    Blocknative, a forensic company, later published a report, saying that not only did users’ panic contributed to the congestion, but also malicious bot activity. 

    Bots spammed Ethereum with junk transactions that recursively replaced their existing transactions to slow other liquidators down and take advantage of the reduced competition.

    White-hat hackers found a severe vulnerability in the DeFi-focused mobile wallet Argent in OpenZeppelin on Jun. 18.

    Argent replicates the experience of using a crypto wallet as a CC card with the concept of Guardians. Guardians are trusted devices with limited permissions to a user’s wallet, helping recover access to a wallet if the original owner loses access.

    The uncovered vulnerability would have enabled hackers to freeze funds in wallets without Guardians. By the time the vulnerability was discovered, over 300 wallets with more than 160 ETH were at risk. 

    Fortunately, none of them suffered losses as the team implemented fixes in time.

    Bancor, an app focused on asset swaps and conducted one of the largest ICOs of 2017, self-hacked to fix a critical vulnerability. 

    As a result of one of the system’s updates, users who interacted with the upgraded smart contract could lose their funds. $545,000 were at risk, but the Bancor team initiated a hack themselves to protect assets.

    Besides the team, however, other white-hat hackers managed to drain over $130,000. Bancor got lucky, as it could have been malicious actors.

    Bancor suffered from a large-scale hack back in 2018, and warnings about the new exploit had been floating around since Mar. 2020.

    A decentralized exchange with customizable liquidity pools, Balancer saw an attack similar to what bZx suffered from. The incident occurred on Jun. 28.

    The hack exploited a deflationary function of Statera (STA) token, which burns 1% of each transaction. The attacker used a flash loan to borrow a large amount of ETH and traded ETH against STA to decrease the number of STA tokens in the pool.

    Once the amount of STA became very small, its price denominated in other assets in the pool surged so that the attacker could swap STA for other assets cheaply.

    The team warned the community about the dangers of deflationary tokens before the hack occurred. However, as the protocol is permissionless, it couldn’t prevent users from adding unsafe assets. 

    The initial decentralized exchange offering (IDO) of bZx protocol’s token BZRX on Uniswap highlighted the IDO model’s imperfections.

    During an IDO, users send money directly to the team, and an asset’s price grows as a function of buying activity. 

    Less than a minute since the BZRX IDO started on Jul. 13, the price jumped 12x due to the front-running bot activity. Bots were placing buy orders in the same block that marked the start of the IDO.

    Besides front-running buyers, the bots spammed the network so that users couldn’t push their transactions through.

    How someone made a million dollar in 30 min?
    1. Wait for BZRX news for uniswap listing.
    2. Write a smart contract that buys token on Uniswap
    3. Spam eth network to others can’t get in with failed txs

    — Roman Storm (@rstormsf) July 13, 2020

    Once other buyers finally got in for the sale, the price was already high, and the bots’ owners took substantial profits. One early buyer made $500,000.

    While the incident wasn’t a hack, it raised concerns about the viability and fairness of IDO models.

    A smart contract bug allowed a double-spending attack, causing options protocol Opyn to lose $370,000 on Aug. 4.

    The vulnerability was connected to the protocol’s native tokens called oTokens, which users burn when exercising options contracts. The contract couldn’t correctly exercise a batch of options, not burning oTokens at each closure. 

    Consequently, an attacker could reuse their oTokens balance and drain funds by exercising options for free.

    According to PeckShield, a blockchain security company, a person with smart contract programming experience could easily spot the bug.

    While the Opyn team couldn’t take down or change the smart contract, it managed to put the protocol on hold and save some of the users’ funds. On top of that, it announced reimbursements along with smart contract audits.

    A community-led DeFi stablecoin YAM managed to attract hundreds of millions of dollars in a matter of hours after it launched on Aug. 11, only to die days later due to a critical rebase bug.

    YAM is a modified clone of Ampleforth, a stablecoin with dynamic supply. Depending on the demand, YAM and Ampleforth can increase or decrease the total supply to maintain the $1 peg. Supply is changed by calling a dedicated “rebase” function.

    The team wanted to use YAM in the project’s governance, but the rebase function issued excess YAM tokens to the project’s treasury, which diluted YAM holders’ governance power. 

    Eventually, governance on YAM would be unusable.

    The team tried to fix the bug by initiating a voting process to stop rebasing until the project’s governance contract is swapped. However, the initiative failed despite high voter turnout.

    YAM’s key difference from Ampleforth is that it automatically bought yCRV tokens whenever supply increased. By the time the team realized nothing could be done to save the project, $750,000 of yCRV were already locked in the treasury.

    The team didn’t give up and eventually swapped the project’s governance module to a working one. YAM holders could migrate via a temporary smart contract.

    Another rebase bug was exploited by a holder of Soft Yearn (SYFI) token on Sept. 3. The bug enabled a user to turn a $200 investment into $250,000.

    Like YAM and Ampleforth, Soft Yearn dynamically changes its supply. However, the supply change didn’t translate to a Uniswap pool, where the token was traded. 

    A user with 2 SYFI in their wallet spotted the bug before others. After the rebase, they had more than 15,000 tokens worth more than 700 ETH at the time. The user took advantage of the opportunity that appeared in front of them and wiped all the SYFI pool liquidity by dumping all their tokens for ETH.

    After the incident, the team published a rescue plan, which included relaunching SYFI tokens and adding 250 ETH to the Uniswap pool.

    2020 didn’t go well for bZx, as it suffered three attacks. While the first two exploits involved manipulating external protocols, the third hack took advantage of an internal protocol flaw.

    When users lend assets on bZx, they receive iTokens, which grow in value as a corresponding lending pool grows. The platform’s vulnerability enabled a hacker to mint iTokens without lending assets. 

    Consequently, the wrongdoer could exchange unbacked iTokens for the assets in bZx pools on Sept. 13.

    The hacker managed to drain more than $8 million in various assets from bZx. However, the team tracked them down and retrieved stolen funds. Following the incident, the team joined forces with PeckShield to enhance bZx security.

    Lien Finance, a protocol focused on options and stablecoins, was on the verge of being hacked and losing $10 million in ETH. However, a group of white hat hackers discovered the vulnerability first.

    As the report on Lien stated, the platform had a faulty function, which enabled minting large amounts of valueless tokens, which could then be exchanged for ETH stored on its smart contract.

    How do you rescue 10 million dollars from a vulnerable smart contract without letting attackers know it’s there? Last Tuesday, @epheph, @sparkpool_eth, @tzhen, @wadealexc, and I found out.https://t.co/WOjO651VIw

    — samczsun (@samczsun) September 24, 2020

    After the white hackers discovered the vulnerability, they couldn’t perform a hack to save the platform’s money because front-running bots would have noticed their transactions.

    The hackers communicated with Sparkpool, Ethereum’s largest mining pool. The Sparkpool team then made it possible to execute necessary transactions without revealing them to the bots, which saved 25,000 ETH from being stolen.

    Andre Cronje became a superstar of the DeFi scene after launching the yEarn yield optimizer. The corresponding token, YFI,  surged from 0 to tens of thousands of dollars in a matter of weeks. Consequently, many profit-seeking users started to closely monitor Andre’s activity to jump into his new projects before others.

    One such project was a gaming platform named Eminence. After Andre mentioned its unaudited beta smart contract in a tweet, users threw $15 million into it. Since the contract was in the beta stage, it had a vulnerability, and hackers drained users’ funds by minting EMN tokens and selling them for more valuable assets on Sept. 28.

    pic.twitter.com/tV9LSzPXlV

    — eminence.finance (@eminencefi) September 28, 2020

    The hackers subsequently returned $8 million in DAI to a smart contract controlled by Andre. The returned funds were used to cover some of the users’ losses.

    A UniCats app with a yield farming feature had a backdoor, which enabled its developer to control users’ funds even when they withdrew money from the platform.

    It’s common for DeFi users to connect their wallets to various DeFi apps, granting them access on different levels. UniCats asked users to permit spending an unlimited number of tokens. An anonymous user Jhon Doe granted UniCats the requested permission and lost $140,000 on Oct. 4.

    According to a ZenGo crypto wallet report, Jhon wasn’t the only one who suffered from the exploit. Other users brought the malicious developer of UniCats at least $50,000 more.

    If you are not yet convinced that you should NOT be approving infinite tokens to some random smart contract/Dapp, here’s a story of how Jhon Doe lost $140K worth of UNI in their sleep.
    1/
    👇 pic.twitter.com/QltkevnzDY

    — Alex Manuskin (@amanusk_) October 5, 2020

    The hacker took care of their security and used several measures, including swapping addresses and using the crypto mixer Tornado Cash to cover their tracks.

    A yield aggregator Harvest received critiques about its centralization before it got exploited for $24 million. Some of the users were concerned about the safety of $1 billion of assets locked on the platform, but the developers failed to change anything. 

    Shortly after the debates on the protocol’s centralization, $24 million were drained from Harvest due to an exploit on Oct. 26. In theory, a hacker could steal more.

    The attacker used flash loans to manipulate stablecoin prices on the decentralized exchange Curve and used arbitrage to buy more stablecoins than they would normally be able to.

    Like in the case of Eminence, $2.5 of the stolen funds were sent back to developers. The hacker swapped the rest for renBTC and sent BTC to other addresses. The RenBTC team helped Harvest identify the target addresses, which were then communicated to major exchanges for monitoring.

    The team offered a $100,000 bounty to find the wrongdoer, but no one was turned in.

    PercentFinance, a lending platform forked from the industry-leading Compound, froze $1 million of assets on Nov. 4. According to the team’s post, half of the funds belong to the project’s mods.

    Users funds on our platform amounting to ~$1m are stuck in money market smart contracts

    Reaching out to @WrappedBTC and @circlepay/@coinbase respective teams to help us make affected USDC/WBTC holders whole

    Read Below:https://t.co/63Q1DlyqVv

    — Percent Finance (@PercentFinance) November 4, 2020

    The project’s vulnerability was inherited from Compound’s old smart contract, which developers forked. One of the developers decided to upgrade the smart contracts, but after doing so, they realized that transactions to the new contracts couldn’t be signed. 

    Hence, the old contracts were broken.

    The team now hopes that issuers of the locked funds, which include centralized USDC and WBTC, can blacklist the addresses with blocked assets and issue new tokens for users who suffered from the bug.

    The team also offered to launch new lending contracts, enabling 73% of USDC lenders’ funds after borrowing their loans. The lost WBTC are frozen forever if WBTC-issuer, BitGo, doesn’t help the PercentFinance team. ETH is lost without a chance for recovery.

    SharkTron, a DeFi platform featuring liquidity mining on Tron, had an incident according to a statement Tron Foundation issued on Nov. 9.

    (1/2) Regarding the shark incident we have contacted @Binance and worked together on chasing down the funds and people behind this. A portion of the funds have been frozen on Binance.

    — TRON Foundation (@Tronfoundation) November 9, 2020

    Some sources report a loss of $260 million of users’ assets from several platforms associated with SharkTron, including Shark Invest and Shark Dice. Some users attach screenshots of wallets, which suffered losses.

    Tron Foundation claimed that it joined forces with Binance and frozen some stolen funds on the exchange. On top of that, it promised to track down and freeze the remainder of the funds. 

    It advised users to file reports to the police in the meantime.

    Until it was hacked on Nov. 12, Akropolis provided its users with convenient deposit-and-forget pools, which automatically invested users’ funds and generated yields. When a user deposited their funds in a pool, they got ownership tokens in return.

    A hacker noticed that Akropolis smart contracts didn’t have a whitelist for ERC-20 tokens, which can be deposited to the savings pools. To take advantage of this vulnerability, a hacker created a fake ERC-20 token and took out a flash loan of 800,000 DAI on the dYdX lending and trading platform.

    By depositing fake tokens and the real DAI, the hacker managed to get twice as many ownership tokens as they normally would. Hence, they withdrew funds they didn’t have access to.

    Akropolis didn’t admit the hack immediately. Moreover, the platform’s smart contracts were separately audited by two blockchain security firms. 

    At the time of writing, Akropolis’ stablecoin pools are frozen. The team is seeking ways to reimburse damages.

    Decentralized setups are liberating, yet they impose tremendous responsibility on users. While some teams strive to save users’ funds or recover losses, there are no safety guarantees.

    Anyone interacting with DeFi protocols and crypto, in general, should be vigilant and mindful of their activity. It’s a wild west, no code is flawless, and everyone’s wallet is potentially a honeypot, so precautions should be taken.

    During its short but bright history, DeFi has seen multiple hacks, vulnerabilities, and exploits of small and large platforms, which sometimes led to irreversible damage. 

    As the space progresses, it will see more incidents despite advances in tech and security. Hence, DeFi users should develop appropriate behavioral patterns to stay safe.

    The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

    You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

    See full terms and conditions.

    Source: cryptobriefing.com

    Author: by
    Anton Tarasov


    Ukraine is prepared to lead Eastern Europe’s crypto space

    Ukraine is prepared to lead Eastern Europe’s crypto space

    Ukraine is ranked as the world’s leader in the Global Crypto Adoption Index 2020, according to a research published by Chainalysis earlier this fall. Despite this, cryptocurrencies still remain a gray area in the economy. Since 2014, Ukrainian authorities have been trying to implement crypto legislation that would transform the country into a competitive jurisdiction for running crypto-related businesses, but the efforts did not yield any results. Finally, just a few months ago, the Ukranian government presented a new bill on digital assets to legitimize the sector — and this time, the attempt may well be successful.

    The fintech strategy of the Ukrainian central bank, or NBU, pledged to legalize activities using cryptocurrencies. According to the document, by 2025, crypto assets will fully enter the legislative field and a transparent infrastructure will be created to allow it to operate on the market.

    The first steps on this path were taken in late 2019. Since then, parliament members have passed a law on implementing the Financial Action Task Force’s standards for combating money laundering and the financing of terrorism. Among other things, the standards contain the concept of digital assets.

    The new bill seems to outline a solid action plan and delegates responsibilities. It clearly states that the governmental Ministry of Digital Transformation will be the main regulator controlling and monitoring any activity using crypto assets. As for tracking suspicious crypto transactions, the department has already agreed to cooperate with blockchain analytics firm Crystal Blockchain BV, developed by Bitfury Group.

    As expected, digital assets are not considered as a means of payment in the new bill. It is rather described as an intangible asset, a kind of power of attorney for property with which any operation can be performed, except for payment.

    The document’s authors tried to advise on all areas of usage of digital assets, ranging from initial coin offerings to initial exchange offerings (albeit belatedly) to stablecoins and other possible tokenized assets. Not limited only to this, the new bill describes all the rights and requirements related to custodians of digital assets, including exchanges, multi-signature wallets and any organization that now works and thrives in the crypto environment.

    Given that crypto adoption in Ukraine is growing rapidly, particularly in the decentralized finance and decentralized autonomous organization infrastructures, it is crucial that the new legislation highlights the difference between these two spaces. What is particularly interesting is the possibility of regulating the work of decentralized autonomous organizations, or DAOs.

    However, if the new Ukrainian regulations don’t cover DAO features, the voting rights given to users making decisions within a DAO may be considered illegal. This shows the importance of why processes such as voting on protocol governance should be established in the law.

    Since there is now a well-defined concept of a secured digital asset, the bill’s authors have a stake in the development of tokenized ecosystems. These may also include tokenized securities under the National Securities and Stock Market Commission’s jurisdiction, a government agency that will also have the authority to regulate transactions with digital assets.

    What cryptocurrency will become the main one in a year?
    BitcoinEthereum

    The most interesting projects will be related to bonds. Since Ukraine is actively engaged in issuing government bonds, a large number of brokers and banks are selling them to their clients as an alternative to deposits — the main investment instrument available to Ukrainians.

    Given that the NBU is the custodian of securities for government bonds, this body will also be involved in the legal process if these bonds are tokenized. Such cooperation will make it possible to create infrastructure projects, thereby reviving the securities market and making it more transparent and accessible for individuals.

    Although the bill is awaiting a vote, this is the first step to making Ukraine a competitive country for the crypto business, and at the very least, a favorable environment for the development of the domestic market. Thanks to the new legislative conditions, legal entities whose activities focus on digital assets will now be able to open bank accounts and work freely by exchanging and/or issuing digital assets.

    In addition to the possibility of launching a tokenized securities market, the strategic development of the fintech market from the NBU also suggests how national infrastructure projects will develop. According to the document, by 2025, the regulator will issue a central bank digital currency dubbed e-hryvnia. This idea is already included in the bill “On Payment Services,” and unlike today’s digital assets, the CBDC will be considered legal tender.

    The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

    Ruslan Kolodyazhnyi is chief technical officer and head of R&D at digital payments platform Wirex. He is also the chairman of the ICC Ukraine Banking Commission. Ruslan has 12 years of experience in fintech, holding expertise in blockchain and cryptocurrencies, start-up development, development of payment solutions, online banking, and creation of technological solutions and products.

    Source: www.bit-cointalk.com


    First Nigerian Electric Car Launched in Lagos

    First Nigerian Electric Car Launched in Lagos

    The first Nigerian electric car named Hyundai Kona was launched in Lagos by the Lagos State Governor, Babajide Sanwo-Olu. The governor also promised the completion of the Lagos-Badagry expressway to ensure the smooth run of business activities in the state.

    The Lagos State Governor, Babajide Sanwo-Olu on Friday, November 13, 2020, unveiled the first Nigerian electric car named Hyundai Kona.

    The car, which is a product of Stallion Group, was launched at the VON Automobiles Nigeria in Ojo, Lagos State where the car was manufactured.

    The new Kona, an Electric car is regarded in European motoring industry as the world’s number one, with the cost, put at about N24 million.

    While speaking during the unveiling of the product, Sanwo-Olu observed that VON has over 40 to 50 years of vehicle manufacturing history, when they were assembling various Volkswagen products.

    The governor was full of commendation for Stallion Group for the noble initiative, just as he promised that Lagos State Government will make provisions for electricity charging points for the vehicle across the state, to make it easy for users to enjoy their Electric Vehicles (EV).

    The Governor also promised the completion of the Lagos-Badagry Expressway, which was started under the administration of former governor of the state, Babatunde Fasola, in order to facilitate business activities in the state.

    Sanwo-Olu said, “Lagos-Badagry Expressway which has been expanded from 2 to 10 lanes will soon be complete, we are not rushing the road; we are building a first-class road construction project.’’

    The Managing Director, VON Automobiles, Mr Rohtagi Manish, while explaining the essence of the launch, pointed out that Kona will change things positively in the Nigerian auto market.

    According to Manish, the changes in global temperature and weather patterns are seen today are caused by human activity. Kona, he said, is one way to respond to the global weather challenges, so as to achieve a greener environment.

    This appears to be a huge boost for the promoters of more environmentally friendly automobile and subsequently promote a green environment. This will also help to drive the Federal Government’s efforts to shift focus from petrol-based automobile to vehicles with a cheaper source of energy.

    This article is sourced from:https://nairametrics.com

    Source: africancryptonews.com

    Author: Adimu Kamau


    Bitcoin prices rise on PayPal crypto news. US reticent on CBDC.


    Previous
    Crypto newsBad Crypto news of the week
    Next
    Crypto newsBig Macs for stacking Sats: Bad Crypto news of the week
    Did the article help? Rate it
    1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
    Loading...
    Add comment

    Get Awesome Reviews

    Coins, exchanges, wallets, crypto games, crypto cards.
    Search for reviews and share your own experience.

    GO TO REVAIN