Connect with us

DeFi

DeFi Sybil attack created $7.5B fake TVL on Solana from ‘anon’ developers

Published

on

DeFi Sybil attack created $7.5B fake TVL on Solana from ‘anon’ developers

DeFi Sybil attack created $7.5B fake TVL on Solana from ‘anon’ developers Liam ‘Akiba’ Wright · 6 hours ago · 3 min read

How did two brothers from Texas create $7.5 billion worth of fake TVL on Solana and what is the wider implication for Sybil resistance in a decentralized, open-source ecosystem?

3 min read

Updated: August 5, 2022 at 11:21 am

Advertisement

Cover art/illustration via CryptoSlate

An investigation led by CoinDesk has revealed that two brothers — Ian Macalinao and Dylan Macalinao — used pseudonymous developer profiles to inflate the TVL on Solana by $7.5 billion.

Sybil Attacks

The news is a warning to those who may be skeptical of the feasibility of a real-world Sybil attack on the crypto ecosystem. According to Binance Academy, a Sybil attack is “a kind of security threat on an online system where one person tries to take over the network by creating multiple accounts, nodes or computers.”

Kevin Owocki, Co-Founder of Gitcoin, opened EthCC[5] by speaking about the potential risks of Sybil attacks in his talk “Sybil Resistance for a more democratic web3.” The rising popularity of the concept of DeSoc, social graphs, and Soulbound tokens coincides with the desire to reduce the likelihood of effective Sybil attacks.

However, to answer the question of whether this is a real threat, we can look to the report from CoinDesk that details how the Macalinao brothers were able to create fake developer profiles to simulate community development.

Advertisement

In the world of web3, anonymous developer profiles are far more common than in other industries, with the most famous crypto developer being the notorious Satoshi Nakamoto, creator of Bitcoin.

Developer meetings in web3 often look like the below Google Meet call, with all participants contributing from behind their virtual identities.

My favorite kind of meetings are @_ledao 🥐 townhalls.

Talking about 1/1 art with an elite crew. When are you joining the pâtisserie, anon? pic.twitter.com/TUH83ShU25

— Trade For Tendies 🥐 (Solana Developer) (@immature69) August 3, 2022

A Hackermoon article from February 2022 commented on the current state of anon developers in crypto:

Advertisement

“If Satoshi was present to witness how we have tweaked anonymity to suit our preferences, he might have to reconsider his stance on decentralization. Because total decentralization would cripple adoption, especially now that scams keep springing up.”

The Macalinao brothers

According to the CoinDesk investigation, Ian Macalinao has been building projects as “11 purportedly independent developers” to create an inflated TVL on the Solana blockchain. CoinDesk alleged Ian authored an unpublished blog post from March 26 that reads:

“I devised a scheme to maximize Solana’s TVL: I would build protocols that stack on top of each other, such that a dollar could be counted several times… I believe it contributed to the dramatic rise of SOL”

The brothers used various anonymous identities to build a network of protocols that would utilize double-counted assets to inflate the total TVL of the ecosystem artificially. Ian allegedly explained, “I wanted to make it look like a lot of people were building on our protocol;” — a prime example of a Sybil attack.

Dylan even went as far as to personally tweet that he felt “comfortable staking [his] own crypto in [the] project” Sunny Agreggator, now believed to have been developed by the brothers.

The pair appear to have used their public identities to shill projects they worked on to bolster adoption anonymously. In the below tweets, the alleged pseudonyms for Ian Macalinao, Surya Khosla, and GokiProtocol seem to have thanked themselves for building web3 tools for the community.

Big thanks to @simplyianm for launching this tool. We should have claims up soon once he finishes up his audit of our SPQR program. https://t.co/yggc0o2mYz

— veSurya Khosla (☀️,🇮🇳) (@SuryaKhosla) April 2, 2022

Advertisement

Huge fan of @GokiProtocol and what they’re doing for @Solana UX.

Take a look! https://t.co/c1Byzrwk5N

— ian.move ↗️ (@simplyianm) September 4, 2021

The CoinDesk article explains in detail how the brothers manipulated the Solana DeFi ecosystem, which came at a time when Solana was just rocked by the Slope Finance wallet exploit.

Sybil Resistance

The Gitcoin passport aims to tackle the issue highlighted by fake developer profiles by allowing builders to “grow a decentralized identity record with various credentials about you.”

Soulbound tokens (SBTs) are another technology that can help build Sybil resistance through non-transferable NFT tokens tied to a specific wallet. When Vitalik Buterin, founder of Ethereum, introduced the concept of SBTs, he stated, “a common criticism of the “web3″ space as it exists today is how money-oriented everything is.”

Advertisement

The alleged exploitation of the Solana DeFi ecosystem by the Macalinao brothers reinforces the strength of Vitalik’s criticism. The brothers allegedly built an elaborate network of DeFi projects to inflate the TVL of DeFi on Solana — a monetary goal.

Vitalik concluded his presentation on SBTs by declaring, “we need more effort on thinking through and solving these challenges” about the transferability of “identity objects” in the web3 space. One core “identity object” is the identity of developers building in an open-source ecosystem.

While decentralization and “DeSoc” may be a long-term goal for many in web3, a critical problem that has not yet been resolved is that of Sybil resistance. If two young developers from Texas can fool an entire ecosystem of the existence of $7.5 billion, then something is not right.

If you are building a project that looks to solve the Sybil attack vector on the crypto industry, contact CryptoSlate via the email or Twitter links above. 

CryptoSlate reached out to the Macalinao brothers but did not receive an immediate response to requests for comment.

Advertisement

Censorship

Aave confirms TRM Labs API blocked “dusted” Ethereum wallets – access restored

Published

on

Aave confirms TRM Labs API blocked “dusted” Ethereum wallets – access restored

Aave confirms TRM Labs API blocked “dusted” Ethereum wallets – access restored Liam ‘Akiba’ Wright · 5 hours ago · 2 min read

Users regain access to Aave’s front end after compliance API flagged Tornado Cash-dusted wallets.

2 min read

Updated: August 14, 2022 at 11:10 pm

Advertisement

Cover art/illustration via CryptoSlate

Aave has confirmed that the ban list provided by TRM Labs included Ethereum wallets that had been “dusted” with 0.1 ETH through Tornado Cash. The falsely flagged wallet addresses have now been removed from the “sanctioned” addresses and are again able to connect to the Aave front-end.

The ban issued by Aave only stopped users from interacting with its IPFS-hosted web interface for the Aave protocol. Users could still connect via CLI or forking the front-end to host in their environments. While this was far from ideal for those expecting to be able to use a clean UI, it did mean that everyone still had access to their funds in some way or another.

With the issue happening over the weekend, CryptoSlate has not been able to obtain a response to requests for comment from Aave. However, the Aave official Twitter account released an eight-tweet announcement regarding the issue.

Aave confirmed that the TRM Labs API was responsible for banning users connected to Tornado Cash, as reported by CryptoSlate on Saturday. The move to add the API was said to have been an “integration [that] was both critical & urgent.”

Advertisement

1/8 The Aave team’s top priority is building a safe & secure system for users. We integrated TRM’s API on the Aave IPFS frontend, which is why some users may be experiencing trouble accessing the Aave app, one of the frontends to the Aave Protocol.

Read 👇🏼 for more info

— Aave (@AaveAave) August 13, 2022

Aave’s direct response to banning dust attack victims was to confirm that it had “mitigated” the issue.

“The team mitigated these issues by immediately addressing this, and we continue to evaluate responsible and reasonable risk mitigation given the circumstances.”

In a forward-looking statement, Aave declared:

“The Aave team will continue to innovate. We encourage the community to remain engaged and actively fight for open and fair finance.”

The speed at which Aave was able to reactive the innocent addresses is to be commended. However, the sanction of addresses without knowledge of their connection to illegal activities sets a potentially dangerous precedent.

Advertisement

CryptoSlate has created opened lines of communication with TRM Labs and will provide further updates.

Continue Reading

Altcoins

Why there’s more to Fantom’s dApp ecosystem than what meets the eye

Published

on

Why there’s more to Fantom’s dApp ecosystem than what meets the eye

The ever-growing Web3 space is continuing to find supporters in the market to make sure that it prospers into the next big thing. In fact, this is one space that is driven by the likes of Fantom.

Backing its most-recent efforts is Cypher Capital, with the latter intending to bring more to the table with its funding.

Not a Fantom

In what is the latest addition to the Venture Capitalists roundtable, Cypher Capital has now invested in Fantom. Its strategic funding plans to support projects and developers on the Fantom network.

With this partnership, Cypher Capital will be able to fund and further projects across Web3, DeFi, and gaming. At the same time, the same will help provide early-stage backing and solution expertise.

Advertisement

Fantom has always been one of the biggest DeFi chains, both in terms of total value locked as well as the number of projects existing on the chain.

As a top-10 chain, Fantom, at press time, held $650 million in TVL spread across 257 protocols – The fourth-highest for any blockchain.

In fact, partnerships such as the aforementioned are bound to propel Fantom into the limelight. Especially since the DeFi market is still recovering from the recent crashes that wiped out more than $80 billion in just 2 months.

This lag will give Fantom just the room it needs to establish itself as an important player in this field.

This may be because on the investor front, the chain has been struggling to keep its investors’ faith in the asset intact. Over the last month and a half, investors’ presence has seen slight changes, with some leaving and some others entering.

Advertisement

The ridges seen on the metric seemed to indicate the same too.

However, demand for the asset is still keeping its price at an incline, with the same hiking by 81.08% in 2 months.

Now, it’s worth pointing out that this doesn’t compare to the massive 87.93% drawdown from its all-time high in January.

Even so, thanks to the broader market’s recent cues, FTM is taking a step in the right direction.

As long as the asset isn’t overbought, it is safe from noting a trend reversal as $0.5 is the next critical support target for Fantom.

Advertisement

Aaryamann is a freelance crypto journalist working with AMBCrypto. He is currently investing his time in the crypto-space. He has a keen interest in DeFi, the ever-expanding possibilities of blockchain technology, as well as the political impact they would have.

Advertisement

Continue Reading

Altcoins

8liens sweeps NFT market WITH 253% surge, but what of CryptoPunks, BAYC

Published

on

8liens sweeps NFT market WITH 253% surge, but what of CryptoPunks, BAYC

The wider Ethereum [ETH] NFT market did not note any spine-tingling milestones recently, despite the altcoin hitting $2,000. In fact, sales volumes across ETH NFTs saw a 3.38% fall over the last 24 hours, according to CryptoSlam.

However, there was some eye-catching activity in the same ETH NFT market. No, it was not about Crypto Punks or Yuga Labs-backed Bored Ape Yacht Club [ BAYC].

Aliens over Apes?

According to CryptoSlam’s data, “genderless” NFT collection 8liens was the best-performing NFT in the last 24 hours. The NFT collection recorded over $3 million in sales volume within the said period. These 3,374 transactions that added up involved 1,672 buyers.

Source: CryptoSlam

Advertisement

The aforementioned figures were way higher than the activities recorded within the BAYC and CryptoPunks ecosystems. Now, although they both registered an uptick, it was lower than the one 8liens recorded. In fact, CryptoPunks’ 24-hour sales volume hiked by 79.62% to hit $2.83 million while BAYC only went up a paltry 4.58% to $1.38 million.

At press time, 8liens traders’ profit was an average of 32.90% with active wallets up by 122.70% to hit 2,886.

Source: CryptoSlam

Despite the said uptick, however, 8liens was still down from its floor price of 0.62 ETH on 11 August. At the time of writing, the lowest-priced 8liens asset was worth 0.298 ETH. However, it’s worth pointing out that its position has improved since the market was last looked at.

Can’t tame the bear

With the crypto-market recovering, NFT traders might be expecting the market to follow. However, it might not yet be time for a full-blown gain season. This, because the entire NFT ecosystem has not shown signs of a complete revival with an aggregate 1.80% decline in the last 24 hours.

Advertisement

Other blue-chip collections including Sorare and Otherdeed also noted declines in their 24-hour sales volumes. Sorare was down 51.88% while Otherdeed’s fell by 20.02%. Additionally, Moonbirds was not left out as it went down by 42.07%.

While 8liens surged, the chances of the NFT market claiming bullish momentum are still low. In fact, NFTGo reported that the global market cap was down 11.33% over the last three months. Also, the market was far from reaching  the trader count within the same period. In fact, buyers were down 29.32% to 440,644 while the overall number of traders also declined to 658.092.

Source: NFTGo

Jibin is a news editor at AMBCrypto. With over three years of experience as a political writer, he primarily focuses on the political impact of crypto developments. A graduate in Law and International Relations, his writing is by and large focused on cryptocurrencies from the political and financial perspective. A Liverpool FC fan. YNWA

Advertisement

Advertisement
Continue Reading

Top posts

․bit Raises $13M To Build Cross-Chain Decentralized Identity Protocol ․bit Raises $13M To Build Cross-Chain Decentralized Identity Protocol
BIT2 hours ago

․bit Raises $13M To Build Cross-Chain Decentralized Identity Protocol

sponsored .bit (did.id) has raised $13 million to build a cross-chain decentralized identity protocol. The Series A round, completed one...

What a complete yolk! Comparing Bitcoin to Eggs and why it matters What a complete yolk! Comparing Bitcoin to Eggs and why it matters
adoption3 hours ago

What a complete yolk! Comparing Bitcoin to Eggs and why it matters

What a complete yolk! Comparing Bitcoin to Eggs and why it matters Liam ‘Akiba’ Wright · 4 seconds ago ·...

Biggest Movers: SHIB Remains Near 3-Month High, Whilst LEO Hits 2-Week High  Biggest Movers: SHIB Remains Near 3-Month High, Whilst LEO Hits 2-Week High 
Analysis3 hours ago

Biggest Movers: SHIB Remains Near 3-Month High, Whilst LEO Hits 2-Week High 

Shiba inu remained close to a three-month high to start the week, after breaking out of a key resistance level...

Why Hashing Is Critical In Ensuring Sage Encryption In Cyber Security Why Hashing Is Critical In Ensuring Sage Encryption In Cyber Security
Cyber Security3 hours ago

Why Hashing Is Critical In Ensuring Sage Encryption In Cyber Security

Hashing is really important for integrated encryption in cyber security Assuming you work in the innovation or cyber security industry,...

Bitgert (BRISE) Marketcap To Explode Past Baby Doge And Safemoon (SFM) This Month Bitgert (BRISE) Marketcap To Explode Past Baby Doge And Safemoon (SFM) This Month
SafeMoon4 hours ago

Bitgert (BRISE) Marketcap To Explode Past Baby Doge And Safemoon (SFM) This Month

Bitgert’s massive developments that include adding disruptive products and projects to the Brise ecosystem are key skyrocketing Bitgert marketcap. The...

New Brazil bill wants to tokenize mined gold on blockchain New Brazil bill wants to tokenize mined gold on blockchain
adoption4 hours ago

New Brazil bill wants to tokenize mined gold on blockchain

New Brazil bill wants to tokenize mined gold on blockchain Oluwapelumi Adejumo · 60 mins ago · 1 min read...

Solana Price Climbs To $47 As SOL Bulls Outshine Pesky Bears Solana Price Climbs To $47 As SOL Bulls Outshine Pesky Bears
btcusd4 hours ago

Solana Price Climbs To $47 As SOL Bulls Outshine Pesky Bears

Solana (SOL) price has locked its sights on the goal from day one. Solana’s price is extremely bullish Price spiked...

President Of Central Bank Of Brazil Disagrees With ‘Heavy Hand’ Regulations For Cryptocurrencies President Of Central Bank Of Brazil Disagrees With ‘Heavy Hand’ Regulations For Cryptocurrencies
Brazil5 hours ago

President Of Central Bank Of Brazil Disagrees With ‘Heavy Hand’ Regulations For Cryptocurrencies

The president of the Central Bank of Brazil, Roberto Campos Neto, has defended the use of more moderate regulations in...

Interlay launches Bitcoin-backed stablecoin iBTC on Polkadot network Interlay launches Bitcoin-backed stablecoin iBTC on Polkadot network
adoption5 hours ago

Interlay launches Bitcoin-backed stablecoin iBTC on Polkadot network

Interlay launches Bitcoin-backed stablecoin iBTC on Polkadot network Samuel Wan · 1 hour ago · 2 min read The new...

TA: Top 5 Crypto You Should Watch This Week – BTC, ETH, BNB, GMT TA: Top 5 Crypto You Should Watch This Week – BTC, ETH, BNB, GMT
Bitcoin5 hours ago

TA: Top 5 Crypto You Should Watch This Week – BTC, ETH, BNB, GMT

Top 5 Crypto You Should Watch This Week, with many crypto altcoins producing price gains of two or more digits....

Bitcoin, Ethereum Technical Analysis: BTC Lower, Following Brief Rally Above $25,000 Bitcoin, Ethereum Technical Analysis: BTC Lower, Following Brief Rally Above $25,000
Analysis5 hours ago

Bitcoin, Ethereum Technical Analysis: BTC Lower, Following Brief Rally Above $25,000

Bitcoin was trading lower to start the week, after the token briefly rose above $25,000 during Sunday’s session. As of...

Monero enhances privacy, security features with new upgrade Monero enhances privacy, security features with new upgrade
Monero7 hours ago

Monero enhances privacy, security features with new upgrade

Monero enhances privacy, security features with new upgrade Oluwapelumi Adejumo · 2 hours ago · 2 min read The Monero...

Report Shows Crypto Assets Record Steady Growth As Inflation Lowers Report Shows Crypto Assets Record Steady Growth As Inflation Lowers
BTC7 hours ago

Report Shows Crypto Assets Record Steady Growth As Inflation Lowers

The United States’ newest release on its inflation rate for July has created a celebration reason for many, especially the...

MANA’s network activity could bring forth a shorting opportunity here MANA’s network activity could bring forth a shorting opportunity here
Altcoins8 hours ago

MANA’s network activity could bring forth a shorting opportunity here

Every once in a while, cryptocurrencies go through a phase where volumes contract and prices are restricted within a narrow...

Monero (XMR) Climbs Over 7% Before Weekend Hard Fork Monero (XMR) Climbs Over 7% Before Weekend Hard Fork
btcusd9 hours ago

Monero (XMR) Climbs Over 7% Before Weekend Hard Fork

Monero (XMR) price has surged by as much as 7% in a matter of 24 hours before network upgrade or...

USDT supply up almost $2B over 30 days, USDC supply falls after blocking Tornado Cash linked wallets USDT supply up almost $2B over 30 days, USDC supply falls after blocking Tornado Cash linked wallets
MIM9 hours ago

USDT supply up almost $2B over 30 days, USDC supply falls after blocking Tornado Cash linked wallets

USDT supply up almost $2B over 30 days, USDC supply falls after blocking Tornado Cash linked wallets Oluwapelumi Adejumo ·...

GameFi as a major achievement of the Korean Wave (Hallyu) movement GameFi as a major achievement of the Korean Wave (Hallyu) movement
Company News10 hours ago

GameFi as a major achievement of the Korean Wave (Hallyu) movement

July 15th was a music milestone. Ten years ago in Summer 2012, the release of “Gangnam Style,” catapulted South Korean...

Ripple lawsuit: SEC receives another shock after latest court ruling Ripple lawsuit: SEC receives another shock after latest court ruling
News11 hours ago

Ripple lawsuit: SEC receives another shock after latest court ruling

American watchdog SEC took a recent hit as the battle against Ripple moved into an interesting phase this week. There...

Trending

Daily Bitcoin MiningEarn At least $50 daily with just your phone