Value DeFi Exploited Yet Again This Week? TVL Collapses by 80% Days After $10M Exploit

Value DeFi Exploited Yet Again This Week? TVL Collapses by 80% Days After $10M Exploit

$829 million have been wiped out from the project’s TVL, and withdrawals are halted, while Value DeFi reports “one single large withdrawal from one user caused the balance of the vault to be off.”

Audited decentralized finance project Value DeFi saw the total value locked (TVL) in it crashing by 80% in a single day.

On May 4th, the project had almost $1 billion in TVL, which went from nearly $865 million on Friday to the current $180 million, as per Defi Llama.

The project, which was initially launched on the Ethereum mainnet in August 2020, had recently expanded to Binance Smart Chain (BSC). The project offers features like automated market maker (AMM) and decentralized exchange (DEX) aggregator (vSwap).

According to the BSC project, Value DeFi is handling just over 9k transactions and nearly 3.5k addresses interacting with the project.

There is currently $10.18 million in TVL in the protocol, while less than 24 hours back, $839M was reported.

On Friday, the project announced on Twitter that they are taking additional steps to protect its users and, as a first step, implemented a new 12hr timelock on all critical functions for vFarm.

This improved security update came after earlier in the week. Its vStake profit-sharing pool for vBSWAP was exploited resulted in a loss of $10 million user deposits in that pool due to losing a line of code by “human error.”

“All other pools and funds are SAFU,” it reported in the post mortem of the incident.

At the time, the VALUE team said part of the Reserve Fund would be spent to buy the insurance and further proposed two approaches to help affected users.

All vBSWAP within the Reserve Fund (2802.75 vBSWAP) and 205,659 BUSD from the ValueDeFi deployer will be used to compensate all users at the pool. The remaining 4540 vBSWAP will be minted and either used to compensate all affected users immediately or in two parts.

But it seems like just days after the exploit; something else is going on with the project as its TVL sees such a crash. Trader @depression2019 noted that VALUE seems to be hacked and its pools drained for well over $100 million that could make it the “biggest hack in DeFi history.”

“For those wondering why they can’t withdraw from the WBNB vSafe, your funds are safe; we only disabled deposits and withdraws after noticing one single large withdrawal from one user caused the balance of the vault to be off. There is something wrong with the Alpaca strategy, and we are currently working with Certik and the Alpaca team to resolve the problem. Until then, we will continue working on solutions for all affected users during today’s exploit,” reads the pinned message on the project’s Telegram while the community members berate the project for rug pulling them several times.

This project lost $7 million late last year after they bragged about their “flash loan protection.”

Unlike the last time, the price of the VALUE token fell over 21% this time and is currently trading at $3.86, down 91.7% from its all-time high of $46.90 in Sept. 2020, as per CoinGecko.

Read Original/a>
Author: AnTy

BTCPay Server Releases New Version After Tesla Discloses Vulnerability

BTCPay Server Releases New Version After Tesla Discloses Vulnerability

Bitcoin payment processor, BTCPay Server, has released a new version after Tesla’s security engineering team disclosed vulnerabilities.

As such, any BTCPay Server user running a version older than v.1.0.7.1 is recommended to update your instance. Aaditya Purani, Sr. Security Engineer at Tesla said,

“Got assigned 6 CVEs for my findings on BtcpayServer. Highlights include a pre-auth remote code execution by combining two bugs (under certain circumstances). Thanks to BtcpayServer for their swift remediation actions. Please update your instances to v1.1.0.”

Tesla’s security engineering team first reported the vulnerabilities on April 19th, and after investigating and confirming them. BTCPay Server, along with Tesla’s team, patched the vulnerabilities.

A newly patched version, v1.0.7.1, has been released today.

The vulnerabilities included CVE-2021-29251, a critical one that allowed a malicious part to generate an email asking for a password reset to the victim. If the victim clicked, then the targeted account could be taken over.

In CVE-2021-29246, BTCPay Server wasn’t properly validating file names in upload forms, which could result in uploaded files being saved in arbitrary locations on the server. CVE-2021-29250 was related to XSS vulnerability in the Point of Sale feature.

Another CVE-2021-29245 allowed the generation of legacy API Keys which can be used to generate new invoices, and the selection of UTXOs in Payjoin were using a weak RNG.

CVE-2021-29247 involved the lack of httponly, and CVE-2021-29248 allowed a remote attacker to obtain sensitive information.

“We would like to thank Tesla for submitting the disclosure that led to these fixes and helping us with remediation,” stated BTCPay Server, which is now looking into the creation of a bug-bounty program as one way to improve the security process.

Earlier this year, Tesla announced its billion-dollar worth bitcoin holdings and then later started accepting BTC as a payment. Instead of converting to cash, the company will be holding.

Read Original/a>
Author: AnTy

Turkish Crypto Exchange Under Investigation After Abrupt Shut Down, User Funds ‘Irretrievable’

Turkish Crypto Exchange Under Investigation After Abrupt Shut Down, User Funds ‘Irretrievable’

With about 390,000 active users affected, the senior economic adviser to the President calls for the Turkish government to take action and “carry out a regulation.”

An investigation has been launched into a Turkish cryptocurrency exchange Thodex after the platform became inaccessible on Wednesday. The exchange abruptly halted trading, citing unspecified partnership transactions.

The Public Prosecutor’s Office in Istanbul appealed to the personnel for their testimonies on the platform, after users who can’t access their digital assets complained to the authorities, reported the state-run Anadolu Agency.

The website of the exchange is inaccessible, displaying a “404 Not Found” message.

Operating since 2017, Thodex advertises itself as Turkey’s first licensed crypto exchange and has 14.8k followers on Twitter.

In an undated statement on the website, the exchange said it decided to allow outside investment to serve its customers better adding, services will remain shut for five working days while the transfer is completed, but users need not be worried about their investments.

Unable to withdraw their funds, users of the exchange have now filed a complaint alleging fraud.

“We’ve filed a legal complaint on Wednesday,” Oguz Evren Kilic, who represents an unspecified number of Thodex users, told Bloomberg. According to him, hundreds of millions of dollars worth of assets of about 390,000 active users is “irretrievable.”

The founder and CEO of the exchange Faruk Fatih Ozer allegedly fled the country on Wednesday. Demiroren News Agency said Ozer’s gone to Albania, based on a photo which it said is of Ozer at the airport.

The Turkish government should take action “as soon as possible,” Cemil Ertem, senior economic adviser to President Recep Tayyip Erdogan, told Bloomberg on Thursday.

“Pyramid schemes are being established in this area. Turkey will undoubtedly carry out a regulation that’s in line with its economy but also by following global developments.”

About a week back, Turkey’s central bank banned the use of cryptos as a form of payment from April 30, citing possible “irreparable” damage and transaction risks.

Amidst this, the search for bitcoin, crypto, altcoins, DeFi, and NFT on Google in the country have surged to all-time highs as Turks seek investments to hedge against the depreciating fiat currency and high inflation.

Read Original/a>
Author: AnTy

Bitcoin (BTC) Price Trading Analysis – April 19

After closing the weekly session at $56,280 in a bearish engulfing pattern, down 6% from the previous week, BTCUSD staged an abortive recovery in the early trading hours on Monday.

A daily close on Saturday below the key support level of 61165 triggered a rapid, alarming decline on Sunday, leading to roughly $4.9 billion worth of BTC long positions getting liquidated across exchanges.

As illustrated in the chart below, the price bounced off the primary trend line (lower trend line) at $51,500 and eventually secured the .618 Fibonacci level by daily close, but failed to close past the secondary trend line (upper trend line) at $56,900.

BTC1

In the early hours on Monday, an effort to reclaim the secondary trend line was rejected at the first time of asking. If the secondary trend line is not reclaimed by close on Monday, then a retest of the primary trend line could be in the offing. It’s critically important that BTCUSD holds on to the primary trend line.

Since October 2020, daily RSI has held above the all-important bull cycle bottom zone, highlighted in the chart below. Daily RSI is currently at its lowest since November, pending daily close, but still within the zone which must be retained.

BTC2

Chaikin Money Flow (CMF), which last week turned negative for the first time in seven months, is once again approaching negative territory, indicating that sell pressure may still persist.

Key support levels are $54,000 and $51,800. Key resistance levels are $57,500 and $59,100.

Zooming out and taking a long-term perspective of the market, after breaching 90 following March close, monthly RSI may be due for a corrective spell before swinging back to the new ATH price for this bull cycle towards the end of 2021.

BTC3As charted above, during the two previous post-halving rallies in 2013 and 2017, the first monthly RSI reaction low price, $150 in 2013 and $3100 in 2017, became the approximate floor price for the bear cycles that followed, in early 2015 and late 2018 respectively. If this trend were to hold, Bitcoin could be establishing the floor price for the next bear cycle over the next month or so.

It should also be interesting to see whether the end of this corrective phase coincides with the end of tax season in the US. The Federal tax filing deadline for the 2020 tax year was initially set for April 15 but has since been extended to May 17.

Read Original/a>
Author: Lamps T

Gitcoin Spins Out of ConsenSys After Raising Over $11M in a ‘Strategic’ Capital Move

Gitcoin Spins Out of ConsenSys After Raising Over $11M in a ‘Strategic’ Capital Move

Gitcoin, a decentralized funding program supporting open-sourced blockchain projects, has grown its Treasuries by $11.3 million, a blog post confirmed on Wednesday. The funding was led by Paradigm, with top crypto firms such as IDEO, 1kx, Electric Capital, The LAO, and MetaCartel Ventures also joining the round. Other individual investors included Andreessen Horowitz’s board partner, Balaji Srinivasan, and Naval Ravikant, co-founder of AngelList.

The additional funding aims to increase the firm’s capital during tougher crypto market times and assist the company spin-out from its parent company, ConsenSys.

“It was time for us to go and see if this bird can fly and if we can do this on our own and manage our own balance sheet accordingly,” Gitcoin COO Kyle Weiss said.

Launched in 2017, the firm has helped several companies get off the ground, including Uniswap (UNI), Defiant (a crypto-focused publication), and the Ethereum 2.0 testnet, Prysm. The program has released nearly $20 million in grants to connect crypto and Web3 startups with open-source developers.

Weiss said the extra funding would enhance the “general development of the space” to decentralize the internet while helping open source developers in funding, especially in times of crisis.

“We want Gitcoin and Gitcoin Grants to have staying power, so now is the time to make sure there’s enough money in the treasury to last the next four to 10 years, potentially through at least another bear market” Weiss said.

Gitcoin rolled out four grant programs in 2020 to over 20 projects after $975,000 in grants across 2019.

Read Original/a>
Author: Lujan Odera

ECB Survey: 43% Of Respondents View Privacy As A Critical Ingredient For A Digital Euro

ECB Survey: 43% Of Respondents View Privacy As A Critical Ingredient For A Digital Euro

Weeks after European Central Bank (ECB) boss Christine Lagarde mentioned the bank’s intentions to conduct a public forum; the ECB has released its findings.

Privacy Is Uppermost On Europeans’ Minds

The press release made on April 14 was able to highlight some of the key requirements of a central bank digital currency (CBDC).

The public consultation, which began in October 2020 and ended on January 12, 2021, received a record number of responses. According to the ECB, 8,200 responses were filed with private citizens and professionals participating in the exercise.

The report noted that private individuals accounted for 94%. The remaining were made of professionals, including banks, payments service providers, and merchants.

The country with the most participants was Germany (47%), followed by Italy (15%) and France (11%).

The majority of the participants highlighted privacy as a major feature they would like to have on the upcoming digital euro. 43% of respondents called for this. This was followed by security at 18%, the ability to make payments in EU member states was 11%, and with no additional costs at 9%. Offline usability took the rear, with 8% of respondents asking for this.

According to the ECB Executive Board member Fabio Panetta, a digital euro will only be successful if it meets the needs of Europeans. Panetta assured all participants that the public consultation would serve as a guideline for the digital euros exploration.

CBDCs Tools For Government Surveillance

In a previous conversation, ECB boss Christine Lagarde had revealed that the process from adoption to the launch of a digital Euro could take up to four years.

CBDCs are a hot topic following the recent surge in private cryptocurrencies’ prices. With many countries clamping down on crypto assets, some national banks actively explore the potential of a state-sanctioned digital currency to combat the extinction of fiat.

The People’s Bank of China (PBoC) has become a major force in the CBDC race after launching pilot tests in several Chinese cities. Other national banks like the Swiss Riksbank are also considering a digital krona called the e-krona.

Despite what many consider a necessity to combat volatility associated with cryptocurrencies, critics of CBDCs have said that they are just tools for more government surveillance. This has led to some countries like the US stalling in their CBDC program until they have a solution for users’ privacy concerns.

Read Original/a>
Author: Jimmy Aki

GBTC Discount Starts Making A Recovery After Crashing to a Record Low of Almost 12%

GBTC Discount Starts Making A Recovery After Crashing to a Record Low of Almost 12%

GBTC share prices have also been taking a beating along with the sell-off in the traditional market while the price of Bitcoin continues to consolidate in the $40k-$50k range.

Grayscale Bitcoin Trust has been trading at a hefty discount, nearly 12%, before recovering some to just under 3%.

It was on Friday that the GBTC premium took a sharp drop falling to its record low of -11.92%, as per Glassnode. According to CMS Holdings, this discount is just “some people took some pain and got out and took the L.”

Back on Dec. 22nd, this premium was as high as 40%, and from there, it only went down and during the last week of February was when it ventured into the negative territory.

The recent GBTC discount also coincides with the US equities sell-off. Interestingly while GBTC has been crashing, the price of spot Bitcoin has been consolidating between the $40k-$50 range. Even MicroStrategy shares have been getting sold off, and so have been Tesla and many other tech stocks. ParabolicTrav said,

“US markets are basically right at the bottom now, so the discount is reflective of the “panic” selling we just saw in global markets. Spot BTC barely affected by the sell-offQ, league of its own.”

image1

Though the premium went to its lowest level ever, it wasn’t the first time they went negative. As a matter of fact, these discounts have marked Bitcoin bottoms historically.

As we reported, Bloomberg strategist Mike McGlone sees this discount signaling Bitcoin’s march to $100k. “The steepest ever Grayscale Bitcoin Trust (GBTC) discount is a rare indication of an improving price outlook for the crypto, if history is a guide,” he wrote. “Sharp reductions in the GBTC premium have often marked bottoms in Bitcoin,” added McGlone.

At the same time, December CME-traded Bitcoin futures settled about 20% higher, “a tailwind for the underlying crypto.”

Moreover, the increasing probability of exchange-traded funds (ETF) in the U.S., on the back of the success of the ones launched in Canada, is adding pressure to the trust’s price.

Eventually, as CMS Holdings said, Grayscale is also expected to be turned into an exchange-traded fund (ETF) or get “turned into physical BTC.” Currently, there is no redemption program with GBTC. Still, given that GBTC represented about 4% of the total Bitcoin market cap now versus Q1 of 2017 when it was just 1%, it has a greater influence on the underlying Bitcoin market.

Meanwhile, much like the premium on GBTC, its shares haven’t been having a good time as it crashed nearly 35% from its Feb. 19 ATH. As of writing, GBTC share was trading at $43.8. Currently, the world’s largest asset manager Grayscale Investments holds 655.54k BTC, representing just over 3.5% of Bitcoin’s circulating supply.

Read Original/a>
Author: AnTy

Paid Network Planning to Redeploy Smart Contract After the Exploit

Paid Network Planning to Redeploy Smart Contract After the Exploit

The token minting feature exploit led the price of the PAID token to crash 97% to $0.1. The team asks not to buy the dip and to pull out the liquidity.

DeFi protocol, The Paid Network that describes itself as a “borderless legal toolkit,” has been exploited. The hackers exploited the contract’s token minting feature to create some 60 million PAID tokens.

This resulted in the price of the PAID token losing nearly 97% of its value to crash to $0.1. Just a fortnight ago, the token made a new all-time high at $5.85, as per CoinGecko.

“The team is planning to deploy the new minting contract then redeploy it to everyone”, said Kyle Chasse, founder of the protocol. In the early hours of Saturday, he tweeted,

“There was some exploit or attack on PAID token contract, Certik is actively helping us identify the issue. Please DO NOT buy or sell PAID tokens right now. This issue will be resolved, be calm, don’t worry. Feeling gutted, but handling it.”

It was during the late hours of Friday when the reports of the hack came, and the team announced that they are investigating the issue.

“We pulled liquidity, are creating a new smart contract, & will be restoring everyone’s original balances to before the hack. Those with staked, Lpool & UniFarm PAID will have their tokens be sent to them manually.”

The team has been asking the community not to buy the dips as it can expose the buyer to negative impacts. Not to mention, the team is planning to reissue the Paid Network smart contract. Users and buyers are urged to wait for the next update. The team said,

“Rest assured Kyle and the whole team is actively investigating, we removed all our liquidity, will take a snapshot right before the first dump happened, and will be restoring balances to that amount.”

Read Original/a>
Author: AnTy

CFTC Commissioner Heath Tarbert Announces Departure From Office

After a successful 18-month tenure in office, Heath Tarbert is set to step down from his role as commissioner of the Commodities Futures Trading Commission (CFTC) on Friday.

Tarbert announced his departure in a tweet published on Wednesday, where he thanked his colleagues for the wonderful time spent. Tarbert stated,

“After almost 2 years at the @CFTC—including 18 incredible months as Chairman & Chief Executive—Friday will be my last day at the Commission. It’s been an honor to work with so many talented individuals who make the CFTC the global standard for sound derivatives regulation.”

Tarbert’s tenure as chairman included the classification of ether (ETH, +0.23%) as a commodity, the launch of ether futures contracts, and an expansion of regulated crypto derivative products.

Recall that in December, he had left his post as chairman of the CFTC, which was announced formally by the Commission on its website. He was then replaced by acting chairman Rostin Behnam. However, Tarbert had indicated that he would go on to stay at the commission as commissioner for an indefinite length of time.

Although his term was not set to expire until April 2024, he said he felt his leaving would help clear the way for President Biden’s selection of a permanent chair. This comes as no surprise as Tarbert had previously said his 18-month term would end once President Joe Biden took office.

Brummer To Head Federal Commodities Regulator

Meanwhile, following the announcement by Heath Tarbert, speculations have been made on who the next CFTC commissioner would be. Although President Biden has not yet nominated a permanent replacement, crypto-savvy academic and Georgetown law professor Chris Brummer is said to be in the lead for the position.

The Georgetown professor has been selected along with two Democratic commissioners, Rostin Behnam and Dan Berkovitz, by the Biden administration. Brummer has been quite vocal on the need for more minorities to be represented in the financial sector, saying this is the only way to quantify the impact policies have on minority groups.

Following his extensive research on digital technology and his role as a member of the sub-committee on virtual currencies, Brummer is seen by many crypto-enthusiasts as the person that will lead the agency to craft a dynamic regulatory framework for the crypto industry.

Read Original/a>
Author: Jimmy Aki

Evolve Files for a Ethereum ETF After Launching its Bitcoin ETF Last Month

Evolve Files for a Ethereum ETF After Launching its Bitcoin ETF Last Month

Evolve Funds Group has filed for an Ether exchange-traded fund (ETF) with the Canadian Securities regulators.

After launching the Bitcoin ETF (EBIT) on the Toronto Stock exchange, just a day after the first Bitcoin exchange-traded fund ever — Purpose Bitcoin ETF which gained the first-mover advantage and raised $421 million in just two days of its debut.

As a result, last week Evolve lowered the management fee on EBIT to attract investors. EBIT currently has $40 million in assets under management, as at March 1, 2021.

Now, Evolve with $1.7 billion in AUM is aiming to be the first mover in Ether ETF and has filed a preliminary prospectus to provide investors exposure to the world’s second-largest cryptocurrency.

The price of Ether is currently trading around $1,550, up over 113% YTD. Raj Lala, President, and CEO, at Evolve said,

“Ether is a digital asset that is not issued by any government, bank or central organization and was intended to complement rather than compete with bitcoin.”

ETHR aims to provide investors with exposure to the daily price movements of the U.S. dollar price of Ether which will be based on the ETHUSD_RR, a once-a-day benchmark index price for Ether administered CF Benchmarks which is currently the settlement index for futures contracts listed by CME Group as well.

ETHR will offer Canadian dollar-denominated unhedged units (“CAD Units”) and U.S. dollar-denominated unhedged units (“USD Units”). Elliot Johnson, CIO, and COO at Evolve says,

“Ether is the building block for a revolution in digital finance which is still in its infancy.”

“Ethereum is the most actively used blockchain with Ether being used to pay for transaction fees and computational services.”

Read Original/a>
Author: AnTy