Jun 2021 - SafeDollar First Exploit - $95k (Global)
"Stablecoins are a special type of cryptocurrency tokens that are pegged to certain fiat currencies, usually the U.S. dollar. They are designed to always retain the value of their corresponding assets and—in theory—should always be tradeable or redeemable in a one-to-one ratio." "SafeDollar launched its Decentralized Exchange Offering on its partner exchange PolyDEX on Jun. 14."
"The Next Generation Algorithmic Stable Coin On Polygon" "Inspired by and improved from all predecessors, we are pleased to present the next generation algorithmic stablecoin on Polygon. SafeDollar will be the first and only algorithmic stablecoin that combines unique features of seigniorage, deflation protocol and synthetic assets." "#SafeDollar [is] Powered by @0xPolygon and supported by @QuickswapDEX."
"With its unique tokenomics and combined features, we strongly believe that SafeDollar will redefine the algorithmic stablecoin concept and set a new standard on Polygon landscape." "In SafeDollar’s case, the stablecoin uses a combination of “unique features of seigniorage, deflation protocol and synthetic assets” as its basis."
"An attack on June 20 resulted in the loss of 9,959 SDS, the protocol’s share tokens, worth around $95,000 at the time." "The attack happened on Jun-20–2021 06:21:04 PM +UTC." The attacker "withdrew 9,959.26 SDS, then sold for 95,392 USDC after bridging all to Ethereum." "This incident only affects the IDO token sale which is using PolyDEX’s token lock contract."
"SafeDollar developers published a “Postmortem Analysis” about an exploit that resulted in the loss of the protocol’s 9,959 SDS tokens—worth around $95,000 at the time."
"SafeDollar team will use $100,000 USDC and SDS from Dev fund to provide back 9,959.29 SDS for IDO buyers to claim their SDS." "We will deploy the new contract, and IDO buyers will be able to claim all their remaining SDS at once, without the need of vesting anymore."
Further Analysis
SafeDollar was backed by crypto-assets stored in a smart contract hot wallet, which even featured more than one vulnerability. They didn't see the value in an audit or bug bounty program.
Rather, their approach was to wait until the wallet was drained before coming up with a plan to reimburse investors from the dev fund.
How Could This Have Been Prevented?
The project stored all of the assets in a smart contract hot wallet. If most assets had instead been stored in an offline multi-sig, the attack would have resulted in significantly less impact. Other steps the team could have taken would include a smart contract audit or a bug bounty program.
More Cryptocurrency Exchange Hacks/Scams/Frauds
Impossible Finance Fake Token Drain > > < < Pension Investment Fraud Teresa Jackson
Sources/Further Reading
SafeDollar ‘stablecoin’ drops to $0 following $248,000 DeFi exploit on Polygon (Aug 28)
SafeDollar Protocol (Aug 22)
Safedollar The Next Generation Algo Stablecoin On Polygon (Aug 22)
SafeDollar - SafeDollar (Aug 22)
@safedollarfi Twitter (Aug 28)
Safedollar Postmortem Analysis (Aug 28)
Address 0x8a0a1eb0bae23e4e95608e3aad7fa25b0d907c6c | PolygonScan (Aug 28)
SafeDollar Stablecoin not Safe nor Stable: Hack Sends Value to ZERO - Security Boulevard (Aug 28)
Polygon Project SafeDollar Crashes to Zero After Attack | Crypto Briefing (Aug 28)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|