DeFi Sybil attack created $7.5B fake TVL on Solana from ‘anon’ developers Liam ‘Akiba’ Wright · 6 hours ago · 3 min read
How did two brothers from Texas create $7.5 billion worth of fake TVL on Solana and what is the wider implication for Sybil resistance in a decentralized, open-source ecosystem?
3 min read
Updated: August 5, 2022 at 11:21 am
Cover art/illustration via CryptoSlate
An investigation led by CoinDesk has revealed that two brothers — Ian Macalinao and Dylan Macalinao — used pseudonymous developer profiles to inflate the TVL on Solana by $7.5 billion.
The news is a warning to those who may be skeptical of the feasibility of a real-world Sybil attack on the crypto ecosystem. According to Binance Academy, a Sybil attack is “a kind of security threat on an online system where one person tries to take over the network by creating multiple accounts, nodes or computers.”
Kevin Owocki, Co-Founder of Gitcoin, opened EthCC by speaking about the potential risks of Sybil attacks in his talk “Sybil Resistance for a more democratic web3.” The rising popularity of the concept of DeSoc, social graphs, and Soulbound tokens coincides with the desire to reduce the likelihood of effective Sybil attacks.
However, to answer the question of whether this is a real threat, we can look to the report from CoinDesk that details how the Macalinao brothers were able to create fake developer profiles to simulate community development.
In the world of web3, anonymous developer profiles are far more common than in other industries, with the most famous crypto developer being the notorious Satoshi Nakamoto, creator of Bitcoin.
Developer meetings in web3 often look like the below Google Meet call, with all participants contributing from behind their virtual identities.
My favorite kind of meetings are @_ledao 🥐 townhalls.
Talking about 1/1 art with an elite crew. When are you joining the pâtisserie, anon? pic.twitter.com/TUH83ShU25
— Trade For Tendies 🥐 (Solana Developer) (@immature69) August 3, 2022
A Hackermoon article from February 2022 commented on the current state of anon developers in crypto:
“If Satoshi was present to witness how we have tweaked anonymity to suit our preferences, he might have to reconsider his stance on decentralization. Because total decentralization would cripple adoption, especially now that scams keep springing up.”
The Macalinao brothers
According to the CoinDesk investigation, Ian Macalinao has been building projects as “11 purportedly independent developers” to create an inflated TVL on the Solana blockchain. CoinDesk alleged Ian authored an unpublished blog post from March 26 that reads:
“I devised a scheme to maximize Solana’s TVL: I would build protocols that stack on top of each other, such that a dollar could be counted several times… I believe it contributed to the dramatic rise of SOL”
The brothers used various anonymous identities to build a network of protocols that would utilize double-counted assets to inflate the total TVL of the ecosystem artificially. Ian allegedly explained, “I wanted to make it look like a lot of people were building on our protocol;” — a prime example of a Sybil attack.
Dylan even went as far as to personally tweet that he felt “comfortable staking [his] own crypto in [the] project” Sunny Agreggator, now believed to have been developed by the brothers.
The pair appear to have used their public identities to shill projects they worked on to bolster adoption anonymously. In the below tweets, the alleged pseudonyms for Ian Macalinao, Surya Khosla, and GokiProtocol seem to have thanked themselves for building web3 tools for the community.
Big thanks to @simplyianm for launching this tool. We should have claims up soon once he finishes up his audit of our SPQR program. https://t.co/yggc0o2mYz
— veSurya Khosla (☀️,🇮🇳) (@SuryaKhosla) April 2, 2022
Huge fan of @GokiProtocol and what they’re doing for @Solana UX.
Take a look! https://t.co/c1Byzrwk5N
— ian.move ↗️ (@simplyianm) September 4, 2021
The CoinDesk article explains in detail how the brothers manipulated the Solana DeFi ecosystem, which came at a time when Solana was just rocked by the Slope Finance wallet exploit.
The Gitcoin passport aims to tackle the issue highlighted by fake developer profiles by allowing builders to “grow a decentralized identity record with various credentials about you.”
Soulbound tokens (SBTs) are another technology that can help build Sybil resistance through non-transferable NFT tokens tied to a specific wallet. When Vitalik Buterin, founder of Ethereum, introduced the concept of SBTs, he stated, “a common criticism of the “web3″ space as it exists today is how money-oriented everything is.”
The alleged exploitation of the Solana DeFi ecosystem by the Macalinao brothers reinforces the strength of Vitalik’s criticism. The brothers allegedly built an elaborate network of DeFi projects to inflate the TVL of DeFi on Solana — a monetary goal.
Vitalik concluded his presentation on SBTs by declaring, “we need more effort on thinking through and solving these challenges” about the transferability of “identity objects” in the web3 space. One core “identity object” is the identity of developers building in an open-source ecosystem.
While decentralization and “DeSoc” may be a long-term goal for many in web3, a critical problem that has not yet been resolved is that of Sybil resistance. If two young developers from Texas can fool an entire ecosystem of the existence of $7.5 billion, then something is not right.
If you are building a project that looks to solve the Sybil attack vector on the crypto industry, contact CryptoSlate via the email or Twitter links above.
CryptoSlate reached out to the Macalinao brothers but did not receive an immediate response to requests for comment.
Aave confirms TRM Labs API blocked “dusted” Ethereum wallets – access restored
Aave confirms TRM Labs API blocked “dusted” Ethereum wallets – access restored Liam ‘Akiba’ Wright · 5 hours ago · 2 min read
Users regain access to Aave’s front end after compliance API flagged Tornado Cash-dusted wallets.
2 min read
Updated: August 14, 2022 at 11:10 pm
Cover art/illustration via CryptoSlate
Aave has confirmed that the ban list provided by TRM Labs included Ethereum wallets that had been “dusted” with 0.1 ETH through Tornado Cash. The falsely flagged wallet addresses have now been removed from the “sanctioned” addresses and are again able to connect to the Aave front-end.
The ban issued by Aave only stopped users from interacting with its IPFS-hosted web interface for the Aave protocol. Users could still connect via CLI or forking the front-end to host in their environments. While this was far from ideal for those expecting to be able to use a clean UI, it did mean that everyone still had access to their funds in some way or another.
With the issue happening over the weekend, CryptoSlate has not been able to obtain a response to requests for comment from Aave. However, the Aave official Twitter account released an eight-tweet announcement regarding the issue.
Aave confirmed that the TRM Labs API was responsible for banning users connected to Tornado Cash, as reported by CryptoSlate on Saturday. The move to add the API was said to have been an “integration [that] was both critical & urgent.”
1/8 The Aave team’s top priority is building a safe & secure system for users. We integrated TRM’s API on the Aave IPFS frontend, which is why some users may be experiencing trouble accessing the Aave app, one of the frontends to the Aave Protocol.
Read 👇🏼 for more info
— Aave (@AaveAave) August 13, 2022
Aave’s direct response to banning dust attack victims was to confirm that it had “mitigated” the issue.
“The team mitigated these issues by immediately addressing this, and we continue to evaluate responsible and reasonable risk mitigation given the circumstances.”
In a forward-looking statement, Aave declared:
“The Aave team will continue to innovate. We encourage the community to remain engaged and actively fight for open and fair finance.”
The speed at which Aave was able to reactive the innocent addresses is to be commended. However, the sanction of addresses without knowledge of their connection to illegal activities sets a potentially dangerous precedent.
CryptoSlate has created opened lines of communication with TRM Labs and will provide further updates.
Why there’s more to Fantom’s dApp ecosystem than what meets the eye
The ever-growing Web3 space is continuing to find supporters in the market to make sure that it prospers into the next big thing. In fact, this is one space that is driven by the likes of Fantom.
Backing its most-recent efforts is Cypher Capital, with the latter intending to bring more to the table with its funding.
Not a Fantom
In what is the latest addition to the Venture Capitalists roundtable, Cypher Capital has now invested in Fantom. Its strategic funding plans to support projects and developers on the Fantom network.
With this partnership, Cypher Capital will be able to fund and further projects across Web3, DeFi, and gaming. At the same time, the same will help provide early-stage backing and solution expertise.
Fantom has always been one of the biggest DeFi chains, both in terms of total value locked as well as the number of projects existing on the chain.
As a top-10 chain, Fantom, at press time, held $650 million in TVL spread across 257 protocols – The fourth-highest for any blockchain.
In fact, partnerships such as the aforementioned are bound to propel Fantom into the limelight. Especially since the DeFi market is still recovering from the recent crashes that wiped out more than $80 billion in just 2 months.
This lag will give Fantom just the room it needs to establish itself as an important player in this field.
This may be because on the investor front, the chain has been struggling to keep its investors’ faith in the asset intact. Over the last month and a half, investors’ presence has seen slight changes, with some leaving and some others entering.
The ridges seen on the metric seemed to indicate the same too.
However, demand for the asset is still keeping its price at an incline, with the same hiking by 81.08% in 2 months.
Now, it’s worth pointing out that this doesn’t compare to the massive 87.93% drawdown from its all-time high in January.
Even so, thanks to the broader market’s recent cues, FTM is taking a step in the right direction.
As long as the asset isn’t overbought, it is safe from noting a trend reversal as $0.5 is the next critical support target for Fantom.
8liens sweeps NFT market WITH 253% surge, but what of CryptoPunks, BAYC
The wider Ethereum [ETH] NFT market did not note any spine-tingling milestones recently, despite the altcoin hitting $2,000. In fact, sales volumes across ETH NFTs saw a 3.38% fall over the last 24 hours, according to CryptoSlam.
However, there was some eye-catching activity in the same ETH NFT market. No, it was not about Crypto Punks or Yuga Labs-backed Bored Ape Yacht Club [ BAYC].
Aliens over Apes?
According to CryptoSlam’s data, “genderless” NFT collection 8liens was the best-performing NFT in the last 24 hours. The NFT collection recorded over $3 million in sales volume within the said period. These 3,374 transactions that added up involved 1,672 buyers.
The aforementioned figures were way higher than the activities recorded within the BAYC and CryptoPunks ecosystems. Now, although they both registered an uptick, it was lower than the one 8liens recorded. In fact, CryptoPunks’ 24-hour sales volume hiked by 79.62% to hit $2.83 million while BAYC only went up a paltry 4.58% to $1.38 million.
At press time, 8liens traders’ profit was an average of 32.90% with active wallets up by 122.70% to hit 2,886.
Despite the said uptick, however, 8liens was still down from its floor price of 0.62 ETH on 11 August. At the time of writing, the lowest-priced 8liens asset was worth 0.298 ETH. However, it’s worth pointing out that its position has improved since the market was last looked at.
Can’t tame the bear
With the crypto-market recovering, NFT traders might be expecting the market to follow. However, it might not yet be time for a full-blown gain season. This, because the entire NFT ecosystem has not shown signs of a complete revival with an aggregate 1.80% decline in the last 24 hours.
Other blue-chip collections including Sorare and Otherdeed also noted declines in their 24-hour sales volumes. Sorare was down 51.88% while Otherdeed’s fell by 20.02%. Additionally, Moonbirds was not left out as it went down by 42.07%.
While 8liens surged, the chances of the NFT market claiming bullish momentum are still low. In fact, NFTGo reported that the global market cap was down 11.33% over the last three months. Also, the market was far from reaching the trader count within the same period. In fact, buyers were down 29.32% to 440,644 while the overall number of traders also declined to 658.092.
․bit Raises $13M To Build Cross-Chain Decentralized Identity Protocol
sponsored .bit (did.id) has raised $13 million to build a cross-chain decentralized identity protocol. The Series A round, completed one...
What a complete yolk! Comparing Bitcoin to Eggs and why it matters
What a complete yolk! Comparing Bitcoin to Eggs and why it matters Liam ‘Akiba’ Wright · 4 seconds ago ·...
Biggest Movers: SHIB Remains Near 3-Month High, Whilst LEO Hits 2-Week High
Shiba inu remained close to a three-month high to start the week, after breaking out of a key resistance level...
Why Hashing Is Critical In Ensuring Sage Encryption In Cyber Security
Hashing is really important for integrated encryption in cyber security Assuming you work in the innovation or cyber security industry,...
Bitgert (BRISE) Marketcap To Explode Past Baby Doge And Safemoon (SFM) This Month
Bitgert’s massive developments that include adding disruptive products and projects to the Brise ecosystem are key skyrocketing Bitgert marketcap. The...
New Brazil bill wants to tokenize mined gold on blockchain
New Brazil bill wants to tokenize mined gold on blockchain Oluwapelumi Adejumo · 60 mins ago · 1 min read...
Solana Price Climbs To $47 As SOL Bulls Outshine Pesky Bears
Solana (SOL) price has locked its sights on the goal from day one. Solana’s price is extremely bullish Price spiked...
President Of Central Bank Of Brazil Disagrees With ‘Heavy Hand’ Regulations For Cryptocurrencies
The president of the Central Bank of Brazil, Roberto Campos Neto, has defended the use of more moderate regulations in...
Interlay launches Bitcoin-backed stablecoin iBTC on Polkadot network
Interlay launches Bitcoin-backed stablecoin iBTC on Polkadot network Samuel Wan · 1 hour ago · 2 min read The new...
TA: Top 5 Crypto You Should Watch This Week – BTC, ETH, BNB, GMT
Top 5 Crypto You Should Watch This Week, with many crypto altcoins producing price gains of two or more digits....
Bitcoin, Ethereum Technical Analysis: BTC Lower, Following Brief Rally Above $25,000
Bitcoin was trading lower to start the week, after the token briefly rose above $25,000 during Sunday’s session. As of...
Monero enhances privacy, security features with new upgrade
Monero enhances privacy, security features with new upgrade Oluwapelumi Adejumo · 2 hours ago · 2 min read The Monero...
Report Shows Crypto Assets Record Steady Growth As Inflation Lowers
The United States’ newest release on its inflation rate for July has created a celebration reason for many, especially the...
MANA’s network activity could bring forth a shorting opportunity here
Every once in a while, cryptocurrencies go through a phase where volumes contract and prices are restricted within a narrow...
Monero (XMR) Climbs Over 7% Before Weekend Hard Fork
Monero (XMR) price has surged by as much as 7% in a matter of 24 hours before network upgrade or...
USDT supply up almost $2B over 30 days, USDC supply falls after blocking Tornado Cash linked wallets
USDT supply up almost $2B over 30 days, USDC supply falls after blocking Tornado Cash linked wallets Oluwapelumi Adejumo ·...
GameFi as a major achievement of the Korean Wave (Hallyu) movement
July 15th was a music milestone. Ten years ago in Summer 2012, the release of “Gangnam Style,” catapulted South Korean...
Ripple lawsuit: SEC receives another shock after latest court ruling
American watchdog SEC took a recent hit as the battle against Ripple moved into an interesting phase this week. There...
Barry Silbert7 days ago
Ethereum Co-Founder Vitalik Buterin Downplays Ethereum PoW Fork, Hopes It ‘Doesn’t Lead To People Losing Money’
Altcoins7 days ago
PERP-etually Optimistic: Tracing the road for this prodigal DEX going forward
Altcoins7 days ago
Polkadot: Unraveling the effects of the latest rally on DOT’s technicals
Altcoins7 days ago
With a 100% rally behind it, is it time for AVAX to finally stop
Analysis3 days ago
Bitcoin, Ethereum Technical Analysis: BTC Hovers Below $24,000 On Friday, As Crypto Markets Consolidate
$15 million loan3 days ago
Bitcoin Mining Operations Continue To Expand Amid The Crypto Winter, While Converting ‘Wasted Gas To Energy At Scale’
587500000000000000000004 days ago
ETH PoS Upgrade To Transition On September 15 To 16 — Ethereum Devs Reveal ‘Tentative Mainnet TTD’ For The Merge
Blockchain3 days ago
Study: Number Of People Working In Blockchain Industry Went Up By 76%, Large Gap In Demand For Technical Talent Exists