The team behind Raydium hopes to use DAO treasury to compensate the hack victims.
Raydium, Solana-based Automated Market Maker (AMM), decentralized finance (DeFi) protocol and decentralized exchange (DEX), has shared additional information about its recent hack.
It appears that the hacker initially managed to obtain an admin pool private key held in a virtual machine. Based on Raydium’s team, it is unclear how the hacker managed to get the key from there, but they believe that the hacker infected the machine with a trojan program.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
What Are Oracles in Crypto? (Beginner Friendly Animation)
After obtaining the key, the hacker moved to withdraw transaction fees, which are located decentralized autonomous organization (DAO) treasury and are used for buybacks of RAY.
Usually, transaction fees are located in the liquidity provider’s pool until the admin withdraws them. However, the hacker changed these parameters and deceived the system, giving the hacker access to fees and funds. After obtaining the assets, the hacker manually swapped them for other tokens and transferred them to other wallets.
According to the tweet shared by the team behind Raydium, the company has issued an “initial proposal” on a compensation plan to the victims of the hack.
In the proposal, the Raydium team states that it will use its own unlocked Raydium tokens (RAY) to compensate investors who held RAY. However, the team does not own other cryptocurrencies, including stablecoins or non-RAY tokens.
Therefore, the company is asking the Raydium community to vote for the proposal of using a decentralized autonomous organization (DAO) treasury to purchase stolen tokens and give them to affected individuals.
The team behind Raydium ended its Twitter thread by thanking everyone in the Solana community.
Again, huge thanks for the patience and support Raydium has received from across the Solana community during this challenging time. It's been a long couple of days for everyone involved. Raydium looks forward to hearing the community's feedback and moving forward.
The attack against Raydium happened on December 16th, with a hacker disappearing with over $4 million worth of crypto.
