Origin Offers to Hire OUSD Hacker as a Security Consultant in Exchange for the Stolen $7M

Yet another DeFi hack this week.

Matthew Liu, the co-founder of Origin Protocol, confirmed an attack on the Origin Dollar (OUSD) vault.

“OUSD has been hacked, and there has been a loss of user funds. We are actively investigating the issue. We are committed to making things right,” wrote Liu in the official Medium post.

In the attack, the hacker got away with over $3.3 million worth of ETH and 249,822 DAI after having laundered a substantial amount through Tornado.Cash, wBTC, and renBTC.

The team is now asking exchanges to blacklist any transactions from the wallets identified as belonging to the attacker.

“The attack was a reentrancy bug in our contract.

Unfortunately, our contract was safe from reentrancy bugs unless one of our supported stablecoins was attacking us.”

He explained that the attack originated from a contract deployed at Nov-17–2020 at 12:40:56 AM +UTC, which involved a flash loan of 70,000 ETH borrowed from dYdX. It further involves the stablecoin swaps, the minting of 7,500,000 OUSD as intended.

“At this point, the attacker held a little over half of all OUSD in existence”

The attacker basically exploited a missing validation check in mint multiple, minting OUSD with multiple stablecoins, to pass in a fake “stablecoin” under their control, which then called “transferFrom” on by the vault, allowing the hacker to exploit the contract with a reentrancy attack in the middle of the mint.

image1

The attacker was able to create a rebase event inside the second mint after funds had moved to OUSD from the first mint but before the supply of OUSD increased. This created a massive rebase for everyone in the contract, including the attacker. As such, the attacker received their first large OUSD mint, more OUSD than the contract had assets.

The attacker was able to take extra OUSD after withdrawing and selling it on Uniswap and SushiSwap for USDT.

The Origin Protocol team continues to recover the funds and asked the users to stop providing liquidity on SushiSwap, remove their funds, and not indulge in buying or selling OUSD.

The team has also asked the hacker to do the right thing by returning the funds, now that they have “demonstrated your superior skills as a hacker, and we’d happily hire you as a security consultant.”

As a result, the stablecoin pegged to $1.00 has dropped over 85% in value to $0.15.

More than $40 million has been lost in the last month alone in DeFi hacks such as Value DeFi, Akropolis, Harvest Finance, and CheesBank.

Read Original/a>
Author: AnTy

Bahamas Central Bank Confirms CBDC ‘Sand Dollar’ to Launch In Less Than 30 Days

The Bahamas Central Bank has confirmed that its pipeline CBDC ‘Sand dollar’ will roll out next month as anticipated. This will mark the first retail-oriented CBDC to be integrated with fundamental financial market pillars as the world gradually shifts to digital payments. According to the announcement, Bahama’s Sand dollar is ready for national release and will be scaled past the pilot regions of Abaco and Exuma as of October 20.

Notably, the Sand dollar has been in the works since 2018 and came about as one solution to onboard more of the Island’s population into a ‘bank-like’ ecosystem. The latest development, therefore, marks a significant milestone for the prospectus Bahamian digital dollar, which might ultimately boost financial inclusion. The announcement noted,

“Although average measures of financial development and access in The Bahamas are high by international standards, pockets of the population are excluded because of the remoteness of some communities outside of the cost-effective reach of physical banking services.”

Sand Dollar Stakeholders

The Central Bank of Bahama will roll out Sand dollar in collaboration with Authorized Financial Institutions (AFI’s); these include Credit Unions, Money Transmission Business (MTB), Payment Service Providers (PSPs), and Commercial banks. They will act as the intermediaries between the regulator and retail market by providing services such as digital wallets and transactional operations.

The Sand dollar gradual national release will happen in two phases, with the first one being KYC and due diligence readiness amongst the AFI’s. This will cover all account tiers, including digital wallets that will be launched as part of the Sand dollar ecosystem. The Central Bank added that it would continuously increase engagement with the private sector stakeholders.

As for the second phase, emphasis will be on government services and public utilities; this stage is expected to kick off in 2021 between the first and second quarters. Likewise, the AFI’s are also in preparation mood with three PSPs, once a commercial bank and four MTBs already authorized to operate as Sand Dollar AFI’s.

“These AFIs are enabled to offer Sand Dollar services to stakeholders either through their custom apps (after successful completion of a cybersecurity assessment) or through the generic Sand Dollar app.”

Notably, the Sand dollar network has undergone an intensive cybersecurity assessment, which is, in turn, complemented by similar testing procedures by AFI’s before being integrated with this CBDC. Also, the Sand dollar wallets are embedded with 2FA features. The Central Bank, however, highlighted that Bahamians would enjoy confidentiality but not the anonymity of fiat.

Read Original/a>
Author: Edwin Munyui

Russian Monitoring Agency Develops Blockchain Analysis Tool To Track Bitcoin And Monero

A report from local news channel RBC confirmed on Tuesday Russian intelligence unit, Rosfinmonitoring, (Russia’s Federal Financial Monitoring Service), has proposed a cryptocurrency monitoring tool similar to U.S.’s Chainalysis. The agency, in charge of reducing cases of money laundering and terrorist financing in the country, will start tracking Bitcoin and other cryptocurrencies including privacy enhanced tokens such as DASH and XMR.

“The Transparent Blockchain”, is a new prototype built in partnership with the Lebedev Physical Institute of the Russian Academy of Sciences that will use artificial intelligence to track blockchain activity and cryptocurrency transactions. According to the report, a letter to the Deputy Minister of Digital Development, Communications and Mass Media, Maxim Parshin, has been approved by the Ministry of Telecom and Mass Communication.

So far, the Rosfinmonitoring has started preparations for widespread production of the software with the Bank of Russia and financial institutions within the country set to test it in the “near future.”

A $10 million request

The prototype is ready and tested on drug controls, the Federal Financial Monitoring Service confirmed. However, till now development of the blockchain analysis service has been constricted to extrabudgetary funds. To continue the build, the Rosfinmonitoring requested the federal government to increase their funding for the project by 760 million rubles (~$10.42 million) in the next three years.

Russia has been on the forefront in preventing money laundering and terrorist financing using cryptocurrencies. In July, President Vladimir Putin signed two digital asset bills into law – first, authorizing that crypto is property and second, digital assets cannot be used as a form of payment within the country. Earlier this month, the Russian government outlawed sending cryptocurrencies to any anonymous wallets forcing users to be fully KYC compliant.

Read Original/a>
Author: Lujan Odera

Crypto Mom, Hester Peirce, Secures Second Term as SEC Commissioner Through 2025

The US Securities and Exchange (SEC) Commissioner Hester Peirce, aka “Crypto Mom,” has been confirmed for a second term that will last till June 5, 2025, by the US Senate in a voice vote.

The “Crypto Mom” nickname was bestowed upon her by the crypto community for her support of the cryptocurrency market. Just last month, during her testimony in the nomination hearing, she maintained that stance as she said crypto is “clearly going to be here to stay, and I would like us to set up a regulatory framework that works well for crypto.”

Pierce wants to work on SEC’s “attitude towards innovation,” which she said is highlighted in their consideration of crypto.

Earlier this year, she proposed a three-year safe harbor for blockchain companies that conduct token sales. Here, she talked about SEC oversight and adherence to disclosure standards while allowing the firms to develop a network and work toward decentralization before being subject to the Howey test.

She is also an advocate for the approval of a bitcoin ETF, which has been rejected numerous times on the round of price manipulation. In February, in a dissenting statement, Pierce objected to SEC’s approach to these products and that “it evinces a stubborn stodginess in the face of innovation.”

As we reported, with the potential of SEC Chairman Jay Clayton moving to the US Attorney’s office, Pierce is also speculated to be the next SEC Chair.

“On behalf of our 4,500 dedicated colleagues, we applaud their long-standing commitment to investors and look forward to their continued work to advance the SEC’s vital mission of protecting investors, maintaining fair, orderly, and efficient markets, and facilitating capital formation,” Clayton and fellow commissioners congratulated Pierce and Caroline A. Crenshaw.

Read Original/a>
Author: AnTy

Andreessen Horowitz, A16z, Seeks $450 Million In Latest Crypto Funding: Report

Reports from the Financial Times confirmed that Andreessen Horowitz, the crypto-focused investment firm, is looking to raise additional funding of close to half a billion in this new round.

The news comes at a time when the world’s economies are languishing in the Coronavirus epidemic and signals that investors are still willing to test the waters in the crypto field.

According to two unnamed sources “familiar with the matter”, Andreessen Horowitz (a16z) is looking to raise an additional $450 million in a new funding round. The report estimates that the firm will receive the amount in about a week as investors flock towards the crypto industry.

The Silicon Valley-based firm aims to expand its crypto operations and expanding its markets with this latest funding. This comes only two years after the firm secured a $300 million funding round to specialize in crypto activities and blockchain-based projects.

A16z Highly Networked in the Crypto Space

Over the years, a16z has invested in some of the top projects in the blockchain space including Coinbase, Libra, Anchorage, and Polychain Capital.

The firm led a $30 million investment round on blockchain smartphone startup – Celo – back in April 2019.

Notwithstanding, a16z also invested in Ethereum-based decentralized finance solutions such as Maker (MKR), dYdX and Compound in the past few years.

As the crypto market awaits one of its most important events – Bitcoin’s halving – the doubling down on crypto by a16z sets a bullish mood in the crypto market.

Read Original/a>
Author: Lujan Odera

Is Binance’s CoinMarketCap Acquisition a Conflict of Interest or a Win-Win-Win for All?

The rumor has been confirmed, Binance has acquired CoinMarketCap for an undisclosed amount.

On April 2nd, both the companies announced that the leading crypto exchange has acquired the crypto data tracking site that recently launched a new Liquidity Metric, added derivative market data and new rating analytics.

The acquisition will “enable us to build on each other’s strengths, jointly serving as infrastructure providers of crypto,” said Binance founder and CEO Chagpeng Zhao.

As part of this transition, CMC founder Brandon Chez will be stepping down as the CEO after seven years and will be replaced by the current Chief Strategy Officer, Carylyne Chan who will act as an interim CEO. Chez said,

“I believe that of all the teams in the space that could acquire CoinMarketCap, Binance is one of the very best options.”

New phase of growth

Last year, CMC came under the scrutiny for reporting “false” trading volume, concerns that the company conceded to be valid. CMC addressed the problem by adding a column for “adjusted volume” which has about the same numbers as “reported volume.”

The data tracking site might be “working hard to build constructive solutions” but according to Nic Carter of Coin Metrics, it was like pouring a small cup on a blazing house fire.

Now, Binance has purchased the company and Chan is optimistic about this “new phase of growth.” She said,

“We have been public about our commitment to remaining neutral by avoiding censorship and judgement of projects or exchanges that we list, preferring to let users make their own decisions based on the data. We are delighted that the Binance team has been unequivocal in ensuring that we can continue to adhere to our methodology without prejudice.”

CMC will remain independent

However, the vast majority of the community is not feeling good about this acquisition is a “conflict of interest” and would see “more fraud, abuse, rigged rankings & project extortion to get ‘listed.’”

But CMC maintains that it will be run as an “independent business entity” and that “Binance cannot make any changes in our business model unilaterally.”

Source: CMC

CMC Killer: A “win-win-win for all of crypto”

While the market is criticizing this move, CMC’s competitor Messari Crypto’s founder Ryan Selkis believes this is a “massive win-win-win for all of crypto.”

Selkis has previously taken shot at the company for their “data quality” but he clarified that he’s “supposed to” because “they’re the 800 lb gorilla in crypto data, and we compete for share.”

According to him, CME has the first-mover advantage, retail market, and ingrained habit to enter CMC in browsers to search prices which they realized early on in the game when their investors wanted them to build a “CMC killer.”

While Messari is a professional crypto data service with robust tools, CMC is a retail-focused company and Binance will add muscle to its data quality and help set exchange standards. Selkis said,

“I don’t buy the narrative that Binance will “ruin” CMC’s independence because CMC never had a pristine, high-quality brand to begin with! It was a great shitcoin business, but investors shat on them mercilessly. If anything brand value will rise.”

Read Original/a>
Author: AnTy

Poloniex Exchange Users Urged to Reset Passwords After Email Data Leak on Twitter

The Poloniex crypto exchange is once again in the spotlight after the firm confirmed that the password and email data of their clients had indeed been leaked on Twitter. The exchange has since sent out an email to all its users warning of potential account hacking threats following this incident.

Given the sensitivity of the leaked data, Poloniex has opted to force all current traders to reset their passwords.  According to an email sent out on Dec 30, the U.S based digital currency exchange saw this as the best course of action to protect its users;

“While almost all of the [leaked] email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses that do have an account with us, including yours.”

As it stands, the damage caused by this leak has yet to be quantified in terms of any compromised accounts. It seems Poloniex might just be cautious and trying to avoid any real hacks. In addition, Poloniex is still uncertain as to how the passwords and email addresses were posted on Twitter.

The Poloniex customer support team has consequently found itself in a difficult situation as some users of the exchange did not take the warning email seriously. In fact, one user took to Twitter claiming that the email was a scam claiming there wasn’t a need for any actions. This comment was quickly addressed by the Poloniex team who emphasized that the email sent out is real and urged the client to reset their password.

Poloniex and Tron 2019 Highlight

This recent threat to the Poloniex exchange is a big deal and could affect the platform’s volume. The firm has made considerable milestones over the course of 2019. Circle let go of the platform and informed US customers to remove funds by Dec 15th. Tron’s founder, Justin Sun became an “investor” and then the exchange has taken a heavy affiliation with TRX products.

Poloniex moved to acquire the TRXMarket as part of an expansion strategy of its line of products. The exchange went on to further add a super representative from the TRON team. Analysts within the industry speculate that their spin-off from Circle and integration with TRX is a step in the right direction for capital growth.

Read Original/a>
Author: Lujan Odera

Gemini’s GUSD Stablecoin Director Leaves the Company as Gemini Dollar Market Share Drops

Several sources have confirmed that Sarah Olsen, who was Gemini’s executive for corporate development, has left the organization. She was involved mainly in the stablecoin business for this excellent exchange platform.

The market share for Gemini’s stablecoin has gone down by almost 95%. That is even after attempts to boost the GUSD quantity in the market by the company. Sarah Olsen, who was a managing director at Gemini, who played a crucial role in the stablecoin for the company, was confirmed to have left the exchange according to sources that are familiar with this issue just recently.

Olsen has been in Gemini since 2017, and she first served in the department of business development as the head. She later became the managing director of the department of corporate development according to her LinkedIn profile. It is not known what she is planning to do next in her life or which company she will be joining. Block had requested Gemini for comments on the same issue, but Gemini has not yet given any response.

While at this exchange platform, Olsen took part in and performed a lot in pushing the company’s stablecoin, which is the Gemini dollar. She even published a paper in Oct. 2018 on stablecoins, where she showered the compliance status of the Gemini stablecoin with praises. Olsen said that the compliance status was crucial in curbing counterparty risk. The company was involved in this compliance with the state department for New York that deals with financial services.

During her reign as the managing director, Gemini made numerous efforts to raise their stablecoin’s market share. That included joining hands with SPEDN, which is a crypto wallet to enable the users to be able to utilize GUSD at local retail stores. Gemini also listed its stablecoin on BlockFi, which is a crypto lending platform.

Despite having done all these, GUSD’s market share continues to plunge. It has gone down to around $4,683,637, as reported to CoinMarketCap.

Read Original/a>
Author: Daniel W

IRS Source: Cryptocurrency Holders and Traders to be Audited by US Tax Collection Agency

A trusted source has confirmed that the Internal Revenue Service is going to conduct audits on cryptocurrency activities. The source said that the tax collection agency is planning to unleash a batch of audit notices. These new notices will be follow-ups to 10,000 letters that were initially sent in August.

The IRS has been focusing their attention on the cryptocurrency industry, and soon, audits will be done in the industry. Not many Americans were sure of what was entailed in the 10,000 letters sent in August.

However, multiple reports emerging show the IRS is increasing its review and investigations on substantial crypto investors. A statement by BeInCrypto stated that there was a new checkbox on 1040 form that asked individuals to avail information on whether they had exchanged, sent, or received any digital currency since 2013.

It was also well noted that failure to answer that question with utmost honesty would be a criminal offense. Many people were amazed because not only did this kind of study target the traders, but the holders also seemed to be a target here.

Audit Notices to Crytpo Users

Crypto Tax Girl reported that Judith McNamara who works with the IRS confirmed that the tax collection agency is going to send more audit notices. It is, however, uncertain whether everyone who received the August letter will secure an audit notice for the second time.

Letters sent out in August differed in what they required the recipients to do. Some were a kind of notification that the IRS was aware they were holding the cryptocurrency. Other letters demanded a proper response from the recipients and immediate action. This time around, however, it is expected that audit letters will dictate that there must be a response to the letter.

The IRS has been heavily criticized for using the old laws on new concepts and technologies such as cryptocurrencies. Clearly, the IRS is not welcome in the digital currencies space.

Read Original/a>
Author: Daniel W

China’s Central Bank Affirms That National Digital Currency Has No Timeframe For Launch

China has confirmed its plans to launch its own central bank-based digital currency but does not have a timeframe right now. This is what the local media outlet Global Times revealed after the local central bank, the People’s Bank of China, commented on the situation of the project.

The governor Yi Gang was quoted by the media outlet affirming that the bank still needs to evaluate some of the risks and to make more tests before the asset will be available for the population. According to him, the development of the national currency has moved quite a lot until now, but the country doesn’t have any timeframe for the launch at the moment.

Another deputy director of the bank, Mu Changchun, affirmed last month that the token was ready for launch, so the information is contradictory, to say the least. When we consider that the bank even denied the claims that the project existed some time ago, it is hard to say with some certainty how the project is faring.

Who Will Launch Its Crypto First? Facebook or China?

There is a lot of speculation going around right now on whether Facebook or China will release their token first. Libra has its launch scheduled for the end of 2020, but it is facing a lot of regulatory issues. China, on the other hand, would not face regulatory issues, but we are unsure about how complete the asset actually is.

Whoever takes the lead will have an important headstart in dictating how the world of centralized digital assets will work, despite the fact that Facebook and China will act on very distinct places.

Read Original/a>
Author: Daniel W