This Week in Crypto – 17th May 2024

Need to know what happened in crypto this week? Here is the latest news on weekly trends and events impacting Bitcoin, blockchain, DeFi, NFTs, Web3 and crypto regulation.

Over 1 million new cryptocurrencies have emerged since April, with memecoins fueling the surge. Meanwhile, lending protocol Sonne Finance and crypto firm BlockTower Capital suffered exploits, while an anonymous Solana contributor confessed to misappropriating funds. 

Amidst these events, El Salvador pioneered renewable Bitcoin mining, accumulating 5,750 BTC, and the Alex protocol bridge on BNB Smart Chain faced suspicious $4.3 million withdrawals after a contract upgrade, highlighting ongoing security challenges within the crypto space.

Explosion of New Cryptocurrencies: Over 1 Million Tokens Created Since April

The cryptocurrency space has witnessed an unprecedented surge in the creation of new tokens, with more than 1 million new cryptocurrencies emerging since the start of April. This explosive growth has been fueled by the launch of over 370,000 tokens on the Ethereum blockchain and a staggering 640,000 new tokens, mostly memecoins, on the Solana network.

Ethereum Layer-2 Network Base Becomes a Memecoin Hotspot

The Ethereum layer-2 network, Base, has emerged as a hotspot for memecoin developers seeking to leverage the network’s low fees to launch new tokens at minimal cost. According to reports, a whopping 88% of the tokens launched on Ethereum were through Base, indicating the growing popularity of this layer-2 solution among memecoin creators.

Conor Grogan, a director at Coinbase, highlighted the significance of this trend, noting that the number of tokens recently launched on Ethereum is twice the number of tokens ever created on the blockchain between 2015 and 2023.

Solana’s Low-Cost Development Platform Fuels Memecoin Frenzy

The Solana network has also witnessed a surge in new token launches, with the low-cost development platform pump.fun playing a crucial role. The platform has facilitated the creation of a staggering 640,000 new tokens, primarily memecoins, on the Solana network.

Implications and Concerns

While the explosion of new cryptocurrencies can be seen as a testament to the innovation and creativity within the crypto space, it also raises concerns about potential risks and challenges. The proliferation of memecoins and speculative tokens could potentially undermine the credibility and legitimacy of the broader cryptocurrency ecosystem.

Additionally, the ease of launching new tokens, particularly on low-cost platforms, might contribute to an oversaturation of the market, making it increasingly difficult for legitimate projects to stand out and gain traction.

As the cryptocurrency industry continues to evolve, it will be crucial for regulators, investors, and industry stakeholders to closely monitor these developments and address potential risks while fostering an environment that supports innovation and responsible growth.

Sonne Finance Suffers $20 Million Hack, Forced to Pause Operations

Lending protocol Sonne Finance was the victim of a major hack that drained $20 million worth of cryptocurrencies from its platform. 

The incident occurred on May 14, around 10:30 pm UTC, when Web3 security firm Cyvers detected an ongoing attack on Sonne Finance’s USD Coin (USDC) and Wrapped Ether (WETH) contracts.

Despite Sonne Finance becoming aware of the situation 25 minutes later, the hacker had already stolen $20 million in WETH, Velo (VELO), soVELO, and Wrapped USDC (USDC.e). As a result, Sonne Finance announced at 12:11 am UTC on May 15 that “All markets on Optimism have been paused.”

Investigation and Recovery Efforts

Sonne Finance has partnered with Cyvers to investigate the situation further and is exploring all options to retrieve the stolen funds, including negotiating a bug bounty for the hacker. 

In such cases, the hacker typically returns most of the stolen funds and keeps roughly 10% as a reward for finding a security flaw.

However, the hacker seems unwilling to negotiate, as blockchain investigator PeckShield reported that a large portion of the loot ($7.8 million) has already been moved to a new wallet address. 

The exploiter then swapped 59 WBTC for approximately 1,185 Ether (ETH) and 183,000 Dai (DAI), suggesting an intent to siphon the stolen funds through a privacy protocol like Tornado Cash to deter traceability.

Alleged Security Vulnerabilities and Criticism

Sonne Finance’s post-mortem found that a donation attack was conducted on Sonne’s Compound v2 forks, which had a known bug, according to X community member PoorBabyCorn. PoorBabyCorn accused Sonne Finance of using Compound v2 despite knowing the risks, questioning whether it was “a premeditated backdoor.”

BlockTower Capital Exploit and Dexible Incident

In parallel, reports surfaced that the main hedge fund of crypto institutional investment firm BlockTower Capital has been exploited and partially drained. 

BlockTower has employed blockchain forensic analysts to trace the funds and determine how they were breached, but the exploiter has not been arrested. 

The incident follows a previous exploit in February 2023, where BlockTower seemingly lost around $1.5 million in the $2 million exploit of the multichain exchange aggregator Dexible.

As the crypto industry continues to grapple with security vulnerabilities and exploitation incidents, this recent hack highlights the ongoing challenges and the need for increased vigilance and robust security measures to protect user funds and maintain trust in the ecosystem.

El Salvador Pioneers Renewable Bitcoin Mining, Holds 5,750 BTC

El Salvador has emerged as a pioneer in renewable Bitcoin mining, utilizing the country’s volcanic geothermal energy to mine a total of 474 Bitcoin worth $29 million since 2021. 

The Bitcoin was mined with power from the Tecapa volcano, using 300 mining processors, and the country has allocated 1.5 megawatts (MW) to cryptocurrency mining out of the 102 MW produced by the state-owned power plant.

In the face of increasing scrutiny over Bitcoin mining’s reliance on electricity and fossil fuels, El Salvador’s adoption of renewable energy mining has positioned the country as a leader in sustainable cryptocurrency practices.

Bitcoin as Legal Tender and Accumulation

In 2021, El Salvador made history by becoming the first country to adopt Bitcoin as a legal tender alongside the United States dollar. Since then, the government has implemented several Bitcoin-focused policies, including establishing a geothermal plant to mine BTC.

As of now, El Salvador holds a total of 5,750 BTC worth around $354 million, accumulated over three years. Despite facing criticism from global organizations like the World Bank for adopting Bitcoin, President Nayib Bukele has doubled down on his Bitcoin bet, announcing that the country would buy one BTC every day.

Renewable Energy Mining and Global Initiatives

Bitcoin mining and its use of fossil fuels have long been controversial topics in the crypto industry. Organisations like Greenpeace, backed by Ripple, have advocated for transitioning Bitcoin from proof-of-work to proof-of-stake. 

New York Governor Kathy Hochul signed a proof-of-work mining moratorium into law on November 22, 2023, making it the first state in America to ban any PoW crypto mining activity for two years.

In contrast, numerous reports have suggested that over 60% of Bitcoin mining relies on renewable energy sources. However, Elon Musk, who had pledged to incorporate Bitcoin as a payment method for Tesla cars after purchasing $1.5 billion worth of BTC, reversed his decision citing the negative environmental impact of mining. 

Musk stated that he would reconsider this move only when over 50% of Bitcoin mining operates on renewable energy sources, but he has yet to acknowledge these reports or implement a BTC payment option.

As the debate over sustainable Bitcoin mining continues, El Salvador’s embrace of renewable energy mining positions the country as a trailblazer in the industry, demonstrating the potential for integrating cryptocurrency practices with environmentally responsible energy sources.

Solana Exchange Cypher Protocol’s Core Contributor Confesses to Stealing Recovered Funds

In a shocking revelation, an anonymous core contributor to the Solana exchange Cypher Protocol has confessed to stealing and gambling away around $260,000 worth of the project’s cryptocurrency recovered from a $1 million exploit that occurred last year.

The contributor, known as “hoak,” admitted to the allegations in a public statement shared on X, saying, “The allegations are true, I took the funds and gambled them away. I didn’t run away with it, nor did anyone else.”

Background and Allegations

The allegations against hoak were initially brought to light by another anonymous contributor, “Barrett,” who posted a document on X alleging that a wallet owned by hoak made 36 transactions withdrawing various cryptocurrencies, including Ether (ETH), Bonk (BONK), and Wrapped Solana (wSOL), from Cypher’s redemption contract. The total amount of funds allegedly stolen was around $260,000.

Barrett expressed shock and disappointment, stating, “I never thought this would be a possibility, having a core contributor who stayed on after the exploit to try and rebuild the project be the one who rugged funds from the redemption contract.” 

They added that law enforcement had been notified of hoak’s alleged actions.

Hoak’s Confession and Explanation

In their statement, hoak acknowledged their actions, writing, “Likely nothing I say or do will make things better — perhaps other than rotting in jail.” They attributed their actions to a “crippling gambling addiction” and “multiple other psychological factors that went by unchecked for too long.”

Hoak detailed a series of personal and career issues, stating that they found footing with Cypher but failed “to innovate within the DEX design space.” 

They admitted to losing control, with their struggles impacting their personal and professional life, leading to erratic behaviors and an inability to meet deadlines.

The Cypher Protocol Exploit and Recovery Efforts

In August 2023, Cypher Protocol fell victim to an exploit, resulting in the loss of $1 million worth of Solana and USD Coin (USDC) at the time. 

The protocol managed to freeze $600,000 worth of the stolen crypto and later created a redemption contract and a recovery plan to pay back users for their stolen funds. However, hoak’s actions have now compromised those recovery efforts.

As the crypto community grapples with this shocking revelation, it serves as a reminder of the importance of transparency, accountability, and robust security measures within the industry, as well as the need to address the psychological and emotional well-being of contributors and employees.

Alex Protocol Bridge Suffers $4.3 Million Suspicious Withdrawals After Contract Upgrade

According to a report from the blockchain security platform CertiK, the Alex protocol bridge on the BNB Smart Chain network suffered $4.3 million in suspicious withdrawals shortly after its contract was suddenly upgraded.

The Incident

Blockchain data confirms that the Alex deployer account performed five identical upgrades to the “Bridge Endpoint” contract on BNB Smart Chain beginning at 3:56 pm UTC on May 14.

Approximately $4.3 million worth of Binance-Pegged Bitcoin (BTC), USD Coin (USDC), and Sugar Kingdom Odyssey (SKO) were subsequently removed from the BNB Smart Chain side of the bridge.

CertiK labeled the event “a possible private key compromise” since the upgrade was performed by the protocol’s deployer account. The upgrade transaction changed the implementation address to an unverified bytecode, making it unreadable to human beings.

Suspicious Transactions and Potential Attacker

Around 48 minutes after the upgrades began, the proxy address for the bridge contract called an unverified function on an address ending in 4848E. 

This resulted in the transfer of 16 BTC ($983,000 at current prices), 2.7 million SKO ($75,000), and $3.3 million worth of USDC to the address ending in 484E.

The attacker may also be attempting to drain funds on other networks. At 5:41 pm, just minutes after the suspicious upgrade on BNB Smart Chain, a similar series of Alex upgrades occurred on Ethereum. 

In this case, the deployer upgraded the “artist address” to an unverified contract. Immediately afterward, an account ending in 05ed attempted to make two withdrawals from the “team address,” but these withdrawals failed due to a “not owner” error.

The 05ed account had no history before May 10 and created three unverified contracts, indicating that it may be under the control of a malicious user.

Lack of Confirmation and Recent Exploits

At the time of publication, the Alex team has not confirmed the exploit or commented on the incident.

The Alex bridge wasn’t the only protocol to face a potential exploit in May. On May 13, the decentralized exchange Equalizer announced that it had lost more than 2,000 of its own tokens due to an attacker siphoning them away in small increments over several days. Additionally, the Gnus.ai hack on May 6 resulted in $1.27 million worth of losses.

These incidents highlight the ongoing security challenges faced by the cryptocurrency industry and the need for robust security measures and constant vigilance to protect user funds and maintain the integrity of the ecosystem.

Closing remark

The cryptocurrency industry continues to witness a whirlwind of events, ranging from the unprecedented creation of over 1 million new tokens to high-profile security breaches and exploitation incidents. 

As the space evolves, it becomes increasingly crucial for projects, developers, and stakeholders to prioritize robust security measures, transparency, and accountability. 

El Salvador’s pioneering efforts in renewable Bitcoin mining offer a glimmer of hope for sustainable practices, while the misappropriation of funds by trusted contributors serves as a stark reminder of the need for stringent governance frameworks. 

Amidst the chaos, the industry must remain vigilant, addressing vulnerabilities and fostering an environment that nurtures innovation while safeguarding user interests.

What are your thoughts on this week’s crypto news? Did any particular development stand out to you? Leave a comment below and let us know your perspective!

Ditch banking bottlenecks and soaring fees. Unleash the power of borderless blockchain payments with Zypto. Easily accept crypto from customers worldwide, convert to local currency instantly, and spend using virtual and physical crypto cards – no more outdated cross-border hassles.