Cypher Protocol, a decentralized exchange (DEX) based on the Solana network, has disclosed that more than half of the funds stolen from its platform have been frozen across various centralized exchanges (CEXs). This comes as the latest development in the $1 million exploit of the protocol.
On August 7, 2023, Cypher Protocol reported a breach of its security, which caused the unauthorized withdrawal of 38,530 Solana and $123,184 USDC tokens. This attack prompted the protocol to halt its smart contract to prevent further unauthorized access.
Bitcoinist reported that the hacker tried to immediately cash out the stolen funds via centralized exchanges, transferring 30,000 USDC to Binance’s Solana USDC address in one transaction. However, it appears that most of these funds will not be leaving the exchange following Cypher’s successful recovery attempt.
Cypher Protocol Employs The Help Of On-Chain Investigators
Cypher Protocol has revealed – via a post on X (formerly Twitter) – that $600,000 of the stolen funds have been frozen across multiple centralized exchanges. The DeFi platform mentioned that this recovery attempt was largely a success due to the help of various blockchain investigators.
Specifically, Cypher dedicated a “Thank You” message to popular on-chain sleuth ZachXBT, claiming they were pivotal to the freezing of the funds across various CEXs. The protocol’s team also stated that ZachXBT was also helpful in tracking the attacker and the loot.
Cypher Protocol also stated that the complete recovery of these funds will be dependent on the cooperation of the centralized exchanges and the issuance of seizure warrants by the appropriate law enforcement agencies.
Prior to this positive development, the Cypher team managed to initiate contact with the hacker, offering them a 10% white hat bounty worth an estimated $120,000. However, this bounty was opened up to the public two days later after the attacker reportedly missed the deadline.
Cypher Releases Pro-Rata Redemption Plan
On August 16, Cypher Protocol published a redemption plan – based on the “socializing losses” mechanism – to distribute the remaining assets to affected users. “Socializing losses” refers to a mechanism by which the effects of an unfortunate event, like a protocol exploit, are shared across all users rather than being borne by a few.
According to the proposed plan, users will receive a portion of the remaining assets pro rata, i.e. based on their share or involvement in the protocol. “The value used for redemption in relation to a margin account will be based on a snapshot of the account’s assets at the time the protocol was frozen,” Cypher added.
Finally, Cypher Protocol mentioned that the redemption phase will “undergo a thorough audit and will be open-sourced”.