Announcements

Chainswap Exploit Aftermath – Detailed Analysis

Chainswap recently fell victim to another hack which led to a significant impact on several projects partnered with the platform to swap tokens between Ethereum and Binance Smart Chain. The hackers exploited a potential loophole in the platform’s smart contract protocol, stealing crypto-assets valued at over $8,000,000. This is the second security breach that Chainswap has fallen victim to within a month. 

Here is a list of the developments we are aware of and our plan of action to ensure trustworthiness among the investors and partnered exchanges. 

How the hack took place

On Saturday (July 11, 2021), hackers took advantage of a vulnerability in the exchange’s smart contract code and stole the tokens of nearly a dozen projects, including Unifarm, Oropocket, Umbrella Network, Dafi, Razor, Antimatter and many others.

According to Chainswap, only the smart contracts of the projects have been affected and not the wallets that interacted with the platform. The decentralized exchange has also contended that funds from individual wallets are completely safe, and those suffering a hit from the breach are the ones who had stored crypto assets in wallets within the targeted exchanges. 

Our Plan of Action

While the impact of the hack on Unifarm ($UFARM) and Oropocket ($ORO) tokens was minimal, we strive to keep the community’s faith in us intact. Here’s how we are intended to act in light of the recent developments: Nothing changes in Unifarm as we go ahead with the staking as scheduled, unperturbed by the unscrupulous and condemnable act. Our contracts and tokens, except a few (1458053.939076000000008192 ORO and 18006434.862154000000012288 UFARM tokens on Ethereum chain), are unaffected and continue to be secure.  

Keeping our promise of reliability and steadfastness, we have burnt the compromised $ORO tokens in the hackers’ wallet. Here is the link to the transaction hash: https://etherscan.io/tx/0x8852047ff109f26754734c3e018df29acddde2e81fed20c65ed99b143a02ce83 

Moreover, the $UFARM tokens on the Ethereum chain were also locked so that they could not sell. Here is the link to the transaction hash: https://etherscan.io/tx/0x49263f94f0e1b88a7543c8f162c4be5acfb074b2834ce17d0f0b115657f56f0c 

To set the seal on trustworthiness, we will be redeploying the contract and new tokens will be published under a more structured process with a turnaround time of 48 hours.  

The token address on Ethereum remains the same for ORO and UFARM. However, on BSC, we have to redeploy the tokens. ORO: 0xc3Eb2622190c57429aac3901808994443b64B466 | UFARM: 0x40986a85b4cfcdb054a6cbfb1210194fee51af88 

Liquidity has been added to Uniswap v3 for UFARM/ETH pair:https://info.uniswap.org/#/pools/0xcf4c6d29557443b3d3c9238c919338b0d6155aa7 

Liquidity has been added to Uniswap v3 for ORO/ETH pair: https://info.uniswap.org/#/pools/0x70bc703dd5ced7d461ec5b3009e0a2d685ef20f5

To enhance the safety of crypto-assets and tokens, we have been working on our assets bridge to swap tokens between Ethereum and BSC, which will be extensively tested and audited to ensure a hassle-free experience. Once the bridge is launched, we will not be dependent on Chainswap for token swapping. 

Also, we would be reaching out to the worst-hit projects like Umbrella, Razor, Dafi, Nord, Black and Acer to know their damage-control measures and brainstorm the future course of action. 

Fortunately, our project was the least affected amongst all in this hack, owing to the strict vigil and blockchain technology involved to avoid fraudulence. We remain committed and continue to strive towards progress of our community. 

Team Unifarm and Oropocket 

Note: This blog was originally published on blog.oropocket.com.

One thought on “Chainswap Exploit Aftermath – Detailed Analysis

  1. Pretty great post. I simply stumbled upon your blog and wished to say that I’ve really enjoyed surfing around your weblog posts. After all I will be subscribing to your rss feed and I hope you write again soon!

Leave a Reply

Your email address will not be published. Required fields are marked *