A Real-World Million Dollars DeFi Incident Response

Victor Fang, AnChain.AI, 2020/10

Disclaimer: Based on a recent real world incident response conducted by AnChain.AI team in San Francisco. Due to the client’s confidentiality agreement, this article has removed all PII data.

Image for post
Image for post

1 — The million dollar cat lost in quantum state

“Victor, there? ”t

A text message from my investor. It was 8:27pm in San Francisco.

I frowned. When a VC calls at night, it is either something extremely good, or extremely bad.

I had a feeling it was going to be bad:

“My friend’s Metamask got hacked. DeFi. Millions. 😢 ”

I texted back: “Ask them to call me.”

Minutes later, a “650-” phone number called. Catherine, in a trembling anxious voice, explained what happened. She’s an investor in a San Francisco based VC firm, and her Metamask wallet was hacked. …


The 2 things AI can tell you in the 2020 crypto bull market

For the second year in a row, AnChain.AI partnered with the Berkeley Data-X course to offer mentorship and support in leveraging the latest mathematical techniques and tools to solve highly relevant industry problems with the most impact.

This year’s data science innovation project aimed at finding signals that could provide insights into Bitcoin price movements. We found those, and went one step further!

The AnChain.AI Bitcoin Prediction team, who made it to the top 3 projects of the entire class, created a Bitcoin dashboard that forecasts the price, displays real-time trading signals, and shows live sentiment of users on Twitter. …


Image for post
Image for post

$11.5 billion: this is what ransomware cost the United States in 2019, up nearly $4 billion from the previous year. But the impact of ransomware goes far beyond the monetary; ransomware groups have specifically targeted vulnerable groups, even targeting overburdened hospitals in the midst of the ongoing COVID-19 pandemic.

From the time of its inception circa 1989 until the present, the ransomware defense playbook has remained frustratingly thin. For an attack that is startlingly easy to launch, that has become an industry all its own with the rise of RaaS (Ransomware as a Service), the numbers are disheartening.


Image for post
Image for post

A New Way to Trade

Don’t trade blind.

Are you ready to ride the leading the edge of the next Bitcoin surge? Looking for the next big moonshot? Wondering which altcoin will be the next big thing?

See and hear it all with QTF, your hedge on crypto market understanding.

QTF is a crypto analytics platform that allows you to unravel the cryptocurrency market and discover correlations between digital asset values and key market variables, helping you make more informed decisions while minimizing investment risk.

What You’ll Get

  • Unmatched Data Catalog: Get all the relevant data, the latest news, and the most relevant market movements in one place. …


Image for post
Image for post

What kind of manpower is required to explore a cryptocurrency500+ DeFi Detectives tracing over 25,000 distinct transaction trails and billions of dollars in cryptocurrency unraveled some of the most critical mysteries of the DeFi ecosystem in just 2 weeks! From the biggest whales in the ecosystem, to its most definitive hacks and controversies, our participants solved mystery after mystery in pursuit of the grand prize.

DeFi Detectives attracted fierce competitors from all walks of life, from experienced blockchain security specialists like winner Peter Kacherginsky, Principal Blockchain Security Engineer at leading exchange Coinbase, to students, bartenders, and active-duty military, the diversity of our participants may be the thing we’re most proud of. …


Last night, seemingly without cause, Bitcoin’s price plunged by 3%, a $6.3 billion dip in its total market cap. Slowly, over the course of the ensuing hours, the news trickled in: cryptocurrency exchange OKEx suspended withdrawals amidst an investigation by Chinese authorities.

Image for post
Image for post

Four questions naturally arise:

  • What happens before a Bitcoin price jump or drop?
  • What are the main drivers?
  • Is there any way we can predict it before it happens?
  • Who are the main players responsible for that price change?


To view the full version, including a more detailed analysis of the code, visit our Github here.

Background

On Sep 20, 2020, the liquidity mining project DeFi Soda.Finance was hacked by malicious actors, who subsequently liquidated over 400 ETH (around $160,000) from the Soda loan pool. In this blog, we will walk thru the hack incident, and show how we can apply formal verification could have prevented it.

Image for post
Image for post

Here are some screenshots of the hacking transactions:


In just the first half of 2020, over $8 Billion in transaction volume passed through cryptocurrency mixers. Major exchanges such as Binance have become increasingly wary of any affiliation with mixer transactions. But what exactly is a cryptocurrency mixer? What does it do? How does it work?

Image for post
Image for post

CoinJoin, Wasabi, Whirlpool, and more. Most have heard these names, many more have used these and other services, but taking a deeper look into their methods will help us all better understand why exactly they are so controversial.

The Fundamentals

For the most part, cryptocurrency mixers do exactly what their names would imply: they provide services that mix and shuffle cryptocurrency. For a small fee, mixers allow users to obscure the exact chain of custody of their funds and, consequently, secure their privacy. …


Image for post
Image for post

AnChain.AI, the leading blockchain security firm, has announced that Gala Games, the blockchain gaming platform headed by the legendary Zynga co-founder Eric Schiermeyer, has successfully passed its comprehensive smart contract security audit.

AnChain.AI performed a rigorous security audit of the Gala smart contract, ensuring that all implementations are following best practices on all attack surfaces. By leveraging both the patented CAS auditing sandbox and expert manual audit, it covers: static, dynamic, and statistical analysis, business logic auditing, gas analysis and governance auditing. The successful completion of this security audit provides the highest degree of community confidence and protection.

Said AnChain.AI CEO and Co-founder Dr. Victor Fang of the engagement, “In 2018, MIT Tech Review featured AnChain.AI 3 times in a widely circulated article regarding blockchain security. In the past 2 years, we are proud to be trusted by industry leaders like Eric Schiermeyer, who prioritize the decentralized community’s digital asset security above all…


Image for post
Image for post

Welcome detectives! Not sure where to start your investigation? Not to worry, we’ve created this quickstart guide with the specific intention of giving you a head start in your DeFi sleuthing.

If you still have questions that need answering, leave a comment, reach out to us on Twitter @AnChainAI, or email us at info@anchain.ai

Signing Up

You’ll need to sign up in order to be eligible to win over $700 in ETH prizes or participate in the raffle! If you haven’t signed up already, you can do so here.

The Case Files

DeFi Detectives features two different case files to provide ample challenge for detectives of all experience levels. …

About

AnChain.AI

Blockchain data analytics firm providing security, risk, and compliance solutions.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store