Bizarre $15 Million Eminence Hack An Unfinished Project by Andre Cronje
Andre Cronje is the new rising star of the crypto scene thanks to the success of his DeFi protocol and coin Yearn Finance (YFI). This time round, the FOMO (fear of missing out) for his latest project got so big that hackers entered his coding as he slept and drained funds from it as it was still in the development phase.
The story reminded me of the Yam craze back in the second week of August which was the first sign on the wall that something was off in the world of DeFi. Yam was essentially the first of the meme food coins that threw the world of DeFi into despair during the second half of august (think of the hype surrounding Sushi, Kimchi and HotDog for other example).
i’m sorry everyone. i’ve failed. thank you for the insane support today. i’m sick with grief— belmore? (@brockjelmore) August 13, 2020
At the time, Twitter account @brockhelmore, the developer for Yam, launched his DeFi project onto the crypto scene and was immediately met with heavy funding, to the tune of several hundreds of millions of dollars. Two days later the fairy tale story ended when a bug in the coding was found in essence making it “impossible to take any future governance actions.”
After a month of interim governance and auditing, YAM is set to relaunch on Friday, September 18.— Yam Finance (@YamFinance) September 14, 2020
Please see here for full information: https://t.co/1Mra5biT59
You can view the audit here:https://t.co/VhITXIBIN3
The discovery rendered the project immediately obsolete and the community threw in the towel. The developer apologized and started working on Yam2. It was the first time that Ethereum CEO Vitalik Buterin warned about the dangers of DeFi development.
Meanwhile, coder Andre Cronje looked on at the Yam story, at the Sushi hype, at the rise and fall of Chainlink and continued developing his very own Yearn Finance protocol, which had launched in the background to great success at the end of July.
As I am receiving a fair amount of threats, I have asked yearn treasury to assist with refunding the 8m the hacker sent. The multisig is safer and as such I feel more comfortable with them having the funds. Funds will be returned to holders pre-hack snapshot. https://t.co/wbputn5hYD— Andre Cronje (@AndreCronjeTech) September 29, 2020
The story has been such a sellout ever since that Andre developed Eminence, an unfinished “economy for a gaming multiverse” as he called it.
I am still building @eminencefi. I love the metaverse and metaconomy.— Andre Cronje (@AndreCronjeTech) September 29, 2020
I am also going to continue deploying test contracts. I have over ~100 deployed contracts, of which probably >half have vulnerabilities.
Please wait for official announcements.
While investors couldn’t wait and, above all, didn’t want to miss out, they poured money into the unfinished protocol, roughly for a value of $15 million. As Andre went to sleep on 28 September, someone hacked into project and drained the funds, before bizarrely also returning some 8 million back to his account.
3AM I was messaged awake to find out a) almost 15m was deposited into the contracts b) the contracts were exploited for the full 15m and c) 8m was sent to my yearn: deployer account.
1/x First, the data;— Andre Cronje (@AndreCronjeTech) September 29, 2020
1. Yesterday we finished the concept behind our new economy for a gaming multiverse. Eminence. As per my usual methodology, I deployed our staging contracts on ETH so we can continue developing on it.
2. Eminence is at least ~3+ weeks still away
Cronje explained the ordeal a few hours ago in a bunch of tweets and stated he would try and solve it as soon as possible.
Given the closeness to the KuCoin hack, can we start speaking of a new hackers plague that is upsetting the crypto world altogether, or is that too soon?