Jump Crypto recently partnered with MakerDao’s Oasis eco-product to attack an upgradable Oasis contract, transferring collateral and debt from the attacker’s vault to its vault, thereby obtaining the number of money stolen from the Wormhole hacker vault. Oasis has received an order from the High Court of England and Wales to recover assets from the wallet addresses involved in the February 2, 2022, Wormhole breach.
Oasis revealed that an attacker at the end of January 2023 used their vault solution and multisig wallet to store dirty funds and then engaged in liquid staking ETH after being reported by a white hat hacker to have discovered a flaw related to the design of access to multisig. On February 16, 2023, Oasis decided to take advantage of that bug to “trick” the hacker’s wallet into transferring assets out outside and got all the money back through a series of transactions made on February 21.
This is done using multi-signatures and third parties authorized by the court, as required by the court order. Assets are immediately transferred to a wallet controlled by a trusted third party, as the court directs. Jump Crypto made a net profit of about $140 million through this attack.
In February of last year, Wormhole was hacked, and around 120,000 ETH was stolen, worth $325 million. Then, Jump Crypto announced that they invested 120,000 ETH in Wormhole to cover the stolen loss.
However, Oasis’s decisions are causing great controversy in the crypto community on Twitter, arguing that it will set a dangerous precedent that threatens the immutability of the blockchain and for the DeFi project to be possibly pressured by the law to perform the above “self-hacking” actions. People are worried that the same thing could happen to all contracts that are upgradeable, as the wallet provided by Oasis should have been non-custodial because the user holds the private key and has complete control, which means that this unit cannot unilaterally intervene like that.
Oasis’s decisions have caused a stir in the crypto community, as it is a breach of the trust that users have in the system. There are concerns that this could set a dangerous precedent that could compromise the security of all smart contracts, as well as the immutability of the blockchain.
The attack by Jump Crypto has raised a number of ethical questions, as it demonstrates that it is possible to bypass the security protocols of a blockchain system and exploit its vulnerabilities. This has led to debates about the extent to which the law should be able to intervene in such cases, and whether it is possible to ensure that the same thing doesn’t happen again.
At the same time, this attack has also raised questions about the security protocols of the Oasis product, and whether the company should have done more to protect its users from such an attack. This has led to debates about the need for better security protocols in the future, and the need for companies to be more transparent about their security measures.
Overall, the attack by Jump Crypto has highlighted the need for improved security protocols in the crypto space, and the need for companies to be more transparent about their security measures. It has also raised questions about the extent to which the law should be able to intervene in such cases, and whether it is possible to ensure that the same thing doesn’t happen again.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
