š§µ 1/10 $K Hack Recap & Recovery Plan
The last 72 h were brutal. A sophisticated proxy exploit let an attacker mint unlimited $K on Arbitrum, drain our Uniswap pool + Morpho vault, and nuked the price with millions of fake tokens.
Hereās the recap & path forward š§µ
2/10 What happened
ā¢ Hidden āhacker-proxyā inside the ERC-1967 proxy š©
ā¢ Attacker flipped the pointer, seized owner() + minted at will
ā¢ Drained $1.55 M liquidity & USDC in minutes
ā¢ Price collapsed >95 % š„
3/10 What didnāt happen
ā
Kinto L2 contracts, bridge, wallet SDK, AA infra ā©ļø
ā
User deposits/withdrawals on Kinto
The bug was quite complex and relied in the 10-year-old ERC-20 proxy & Block Explorers slot mishap that we didnāt write.
4/10 Timeline (UTC)
ā¢ Jul 9 20:17 ā Exploit disclosed
ā¢ Jul 10 08:40 ā Attacker mints & drains liquidity
ā¢ Jul 10 09:50 ā First Announcement by Kinto team
ā¢ Jul 10 16:18 ā Venn disclosure recognizing Kinto was not notified
ā¢ Jul 10 21:44 ā Full thread recapping the situation
ā¢ Jul 11 ā ZeroShadow engagement signed & contacted authorities
ā¢ Jul 12 ā Deep technical dive by @pcaversaccio
so I found out that it's even fancier. I observed that the frontrunning tx (by the attackers) calls `initialize` and protocols also call _successfully_ `initialize` after (thus they think everything is normal). But wait, how is this even possible? I had to look very deep into the storage slot changes and guess what I found: they _reset_ the `_initialized` storage slot value at the end of the frontrunning tx (after they swapped to the malicious implementation contract). This means that the proxy storage looks now as it was never initialised.
The relevant storage slot to look at is `keccak256(abi.encode(uint256(keccak256(" - 1)) & ~bytes32(uint256(0xff))` = `0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00`
This is next-level evil.
5/10 Impact
ā¢ Direct loss: $1.55 M
ā¢ Market cap: ā$10 M
ā¢ Morpho suppliers owed $3.2 M; borrowers hold $2.4 M (liq ā„ $3)
6/10 The comeback plan
1ļøā£ Deploy proxy-less $K v2 on Arbitrum
2ļøā£ Snapshot & restore ALL balances (on-chain + CEX) Block:
356170028
3ļøā£ Seed new Uniswap pool & reopen CEXs at pre-hack price
4ļøā£ Borrowers get 90 d to repay ā suppliers recoup 85 %+
5ļøā£ āDip buyersā before our first alert receive v2 $K pro-rata
7/10 Where we are now
ā¢ Trading frozen on Gate, MEXC, BingX
ā¢ Remaining liquidity removed to protect users from trading
ā¢ Working with investigators & exchanges
ā¢ Working on the migration plan
8/10 Weāre raising a recovery fund
Bootstrapping fresh liquidity isnāt free. If you believe in Kintoās missionāsafer, compliant DeFiāconsider helping. Every wei goes to liquidity & restitution.
Please reach out š
9/10 Our promise
This wasnāt a bug in Kinto code, but responsibility is ours. Weāll:
ā¢ Migrate the token as fast as we can š”ļø
ā¢ Keep comms 100 % transparent
ā¢ Make every affected user whole as quickly as humanly possible
26.99K
145
The content on this page is provided by third parties. Unless otherwise stated, OKX is not the author of the cited article(s) and does not claim any copyright in the materials. The content is provided for informational purposes only and does not represent the views of OKX. It is not intended to be an endorsement of any kind and should not be considered investment advice or a solicitation to buy or sell digital assets. To the extent generative AI is utilized to provide summaries or other information, such AI generated content may be inaccurate or inconsistent. Please read the linked article for more details and information. OKX is not responsible for content hosted on third party sites. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition.