Thursday, 28 March 2024
Trending

Crypto News

CertiK, zkSync to launch compensation plan for $2M Merlin DEX exploit

CertiK, zkSync to launch compensation plan for $2M Merlin DEX exploit


Blockchain security firm CertiK is launching a compensation plan with Ethereum layer-2 scaling platform zkSync Era to cover the $2 million lost during a public sale of decentralized exchange Merlin’s MAGE tokens.

In a statement to Cointelegraph on April 26, CertiK reiterated it is investigating the exit scam and has also enlisted the remaining Merlin team to initiate the compensation plan. It said:

“Initial investigations indicate that the rogue developers are based in Europe, and CertiK will collaborate with law enforcement authorities to track them down if direct negotiation is unsuccessful.”

The blockchain security company is urging the rogue developer to return 80% of the stolen funds, conceding 20% as a white hat bounty.

The firm also pointed out that private key privileges are “committed to assisting impacted users” despite them being outside the scope of a smart contract audit.

Merlin lost about $850,000 worth of USD Coin (USDC) and some more relatively illiquid tokens on April 26 during its three-day MAGE tokens public sale without any hard cap. Blockchain data suggests that an exploiter with control over the liquidity pool was able to easily siphon the funds.

CertiK, which audited Merlin’s code, responded with its initial findings pointing to a “potential private key management issue.”

Crypto Twitter questioned the CertiK audit, implying that there might be a rug pull.

Verichains founder Thanh Nguyen alluded to a “backdoor” present in Merlin’s code, saying it is a “clear security risk as there is no use case that requires its approval.”

Click Here to Read the Full Original Article at Cointelegraph.com News…