Difference between revisions of "Wintermute Trading"
m (→Basics) |
m (→Bugs/Exploits) |
||
(7 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
== Basics == | == Basics == | ||
[[NEAR (NEAR)|NEAR]] got [https://twitter.com/EvgenyGaevoy/status/1722019058717986903 publicly outed] by Wintermute for not paying back their USN hole that Wintermute covered after Alameda went down (8-11-2023). Interestingly enough multiple NEAR partnership announcements were released around the same days, potentially doing damage control. | |||
== Bugs/Exploits == | |||
*[https://rekt.news/wintermute-rekt-2/ From] [[Rekt]] (20-9-2022): | |||
''"Their [[Hot Wallet|hot wallet]] has been compromised, likely through the use of a vanity [[address]], created with the vulnerable tool Profanity. The loss was announced by Wintermute CEO Evgeny Gaevoy approximately three hours after the theft:'' | |||
''"We’ve been hacked for about $160M in our defi operations. [[CeFi|Cefi]] and [[Over The Counter (OTC)|OTC]] operations are not affected We are solvent with twice over that amount in equity left"'' | |||
''The firm’s CEO states that the use of the vanity address was for “gas savings” rather than aesthetics… an expensive choice."'' | |||
*The [[Optimism (OP)|OP]] core team and Wintermute had a 20m OP exploit when using [https://twitter.com/kelvinfichter/status/1534636743223386119 old] (9-6-2022) [[Gnosis (GNO)|Gnosis Safe]] code while having [[multichain]] deployments. 17m got [https://decrypt.co/102541/optimism-hacker-returns-17-million-tokens-airdrop returned] and 1m got sent to [[Vitalik Buterin|Vitalik]] (10-6-2022) 2m was kept by the hacker 'as a bounty': | *The [[Optimism (OP)|OP]] core team and Wintermute had a 20m OP exploit when using [https://twitter.com/kelvinfichter/status/1534636743223386119 old] (9-6-2022) [[Gnosis (GNO)|Gnosis Safe]] code while having [[multichain]] deployments. 17m got [https://decrypt.co/102541/optimism-hacker-returns-17-million-tokens-airdrop returned] and 1m got sent to [[Vitalik Buterin|Vitalik]] (10-6-2022) 2m was kept by the hacker 'as a bounty': | ||
''"[[Optimism]] hired crypto market [[maker]] Wintermute to distribute the [[tokens]] in a highly anticipated [[airdrop]]. But because Optimism sent them to a Wintermute layer-1 [[address]] that hadn't yet been synced to [[layer-2]], they were all inaccessible. Wintermute said that the tokens would be secure. But within a day, a hacker stole all 20 million tokens. They were worth $35 million at the time. The address has returned a majority of the OP, and @wintermute_t has committed to reimbursing the Optimism [[Foundation]] for the remaining 2mm OP, which was kept as a bounty."'' | ''"[[Optimism]] hired crypto market [[maker]] Wintermute to distribute the [[tokens]] in a highly anticipated [[airdrop]]. But because Optimism sent them to a Wintermute layer-1 [[address]] that hadn't yet been synced to [[layer-2]], they were all inaccessible. Wintermute said that the tokens would be secure. But within a day, a hacker stole all 20 million tokens. They were worth $35 million at the time. The address has returned a majority of the OP, and @wintermute_t has committed to reimbursing the Optimism [[Foundation]] for the remaining 2mm OP, which was kept as a bounty."'' | ||
Line 10: | Line 19: | ||
''"The single most salient development here came with [[Avalanche (AVAX)|Ava Labs]]’ announcement that it will collaborate with [[Aave (AAVE)|Aave]], [[GoldenTree Asset Management]], Wintermute, [[Jump Crypto]], [[Valkyrie]], and [[Securitize]] to build a [[permissioned]] subnet with native [[KYC]] functionality.'' | ''"The single most salient development here came with [[Avalanche (AVAX)|Ava Labs]]’ announcement that it will collaborate with [[Aave (AAVE)|Aave]], [[GoldenTree Asset Management]], Wintermute, [[Jump Crypto]], [[Valkyrie]], and [[Securitize]] to build a [[permissioned]] subnet with native [[KYC]] functionality.'' | ||
=== TRON DAO === | |||
* It is [https://messari.io/report/state-of-tron-q3-2022?referrer=all-research one of the] [[whitelisted]] institutions of the TRON DAO Reserve (TDR), which governs the overcollateralization of [[USDD]] (4-11-2022). | |||
== Investments == | == Investments == | ||
*According to this [https://twitter.com/ThorHartvigsen/status/1626204769189605377 thread] (16-2-2023): | |||
''"Total Balance $401m • $301m $wETH • $47m $[[Optimism (OP)|OP]] • $22.2m $[[Lido (LDO)|LDO]] • $17m $ETH • $7.5m $[[Gala (GALA)|GALA]] (most acquired this month) • $7.3m $[[Fantom (FTM)|FTM]] • $6.6m $DYDX • $6m $[[BLUR]] • $5.7m $[[Hashflow|HFT]] • $5.1m $[[Polygon (MATIC)|MATIC]]. Wintermute deposited $5m+ of $BLUR to several exchange deposit addresses right around the [[airdrop]] (potentially dumping). Finally, Wintermute has seemingly been selling ~$4m of $[[Bored Ape Yacht Club (APE)|APE]] in February."'' | |||
*Got put in the B category on a [https://taka-eth.notion.site/fa8df6c4eb90426cbd5b34dc8553a0bc?v=fbb7c3f8f2f64e8f990260bdc5f22e4c Crypto VC list] (29-8-2022). | *Got put in the B category on a [https://taka-eth.notion.site/fa8df6c4eb90426cbd5b34dc8553a0bc?v=fbb7c3f8f2f64e8f990260bdc5f22e4c Crypto VC list] (29-8-2022). | ||
*[[Angle Protocol|Angle]]; took part in the $5M raise (28-9-2021). | *[[Angle Protocol|Angle]]; took part in the $5M raise (28-9-2021). | ||
*[[Hashflow (HFT)|Hashflow]]; was [https://messari.io/report/hashflow-certainty-in-execution part of] their Series A round (7-2022). | |||
*[[Karpatkey]]; Wintermute Ventures took part of the [https://www.coindesk.com/tech/2022/11/23/ethereum-name-service-selects-karpatkey-dao-as-endaoment-fund-manager/ $7M funding round] (23-10-2024). | |||
*[[Pyth Network (PYTH)|Pyth]]; Wintermute Ventures participated in its first [https://pyth.network/blog/expanding-the-pyth-community-strategic-capital-and-new-builders announced] round (5-12-2023). | |||
*[[Taiko]]: Wintermute Ventures was part of the [https://www.theblock.co/post/280268/ethereum-layer-2-taiko-funding-mainnet $15M] pre-mainnet Series A (2-3-2024). | |||
*[[UMA (UMA)|UMA]]. Took part in the [https://medium.com/uma-project/uma-raises-2-6mm-in-the-pilot-of-the-range-token-de5be578fa5e Range Token] raise for UMA of $2.66M (16-7-2021). | *[[UMA (UMA)|UMA]]. Took part in the [https://medium.com/uma-project/uma-raises-2-6mm-in-the-pilot-of-the-range-token-de5be578fa5e Range Token] raise for UMA of $2.66M (16-7-2021). | ||
== Team == | == Team == | ||
[[Category:Companies/Organisations]] | [[Category:Companies/Organisations]] |
Latest revision as of 01:54, 28 October 2024
Basics
NEAR got publicly outed by Wintermute for not paying back their USN hole that Wintermute covered after Alameda went down (8-11-2023). Interestingly enough multiple NEAR partnership announcements were released around the same days, potentially doing damage control.
Bugs/Exploits
"Their hot wallet has been compromised, likely through the use of a vanity address, created with the vulnerable tool Profanity. The loss was announced by Wintermute CEO Evgeny Gaevoy approximately three hours after the theft:
"We’ve been hacked for about $160M in our defi operations. Cefi and OTC operations are not affected We are solvent with twice over that amount in equity left"
The firm’s CEO states that the use of the vanity address was for “gas savings” rather than aesthetics… an expensive choice."
- The OP core team and Wintermute had a 20m OP exploit when using old (9-6-2022) Gnosis Safe code while having multichain deployments. 17m got returned and 1m got sent to Vitalik (10-6-2022) 2m was kept by the hacker 'as a bounty':
"Optimism hired crypto market maker Wintermute to distribute the tokens in a highly anticipated airdrop. But because Optimism sent them to a Wintermute layer-1 address that hadn't yet been synced to layer-2, they were all inaccessible. Wintermute said that the tokens would be secure. But within a day, a hacker stole all 20 million tokens. They were worth $35 million at the time. The address has returned a majority of the OP, and @wintermute_t has committed to reimbursing the Optimism Foundation for the remaining 2mm OP, which was kept as a bounty."
Projects
KYC Subnet
"The single most salient development here came with Ava Labs’ announcement that it will collaborate with Aave, GoldenTree Asset Management, Wintermute, Jump Crypto, Valkyrie, and Securitize to build a permissioned subnet with native KYC functionality.
TRON DAO
- It is one of the whitelisted institutions of the TRON DAO Reserve (TDR), which governs the overcollateralization of USDD (4-11-2022).
Investments
- According to this thread (16-2-2023):
"Total Balance $401m • $301m $wETH • $47m $OP • $22.2m $LDO • $17m $ETH • $7.5m $GALA (most acquired this month) • $7.3m $FTM • $6.6m $DYDX • $6m $BLUR • $5.7m $HFT • $5.1m $MATIC. Wintermute deposited $5m+ of $BLUR to several exchange deposit addresses right around the airdrop (potentially dumping). Finally, Wintermute has seemingly been selling ~$4m of $APE in February."
- Got put in the B category on a Crypto VC list (29-8-2022).
- Angle; took part in the $5M raise (28-9-2021).
- Hashflow; was part of their Series A round (7-2022).
- Karpatkey; Wintermute Ventures took part of the $7M funding round (23-10-2024).
- Pyth; Wintermute Ventures participated in its first announced round (5-12-2023).
- Taiko: Wintermute Ventures was part of the $15M pre-mainnet Series A (2-3-2024).
- UMA. Took part in the Range Token raise for UMA of $2.66M (16-7-2021).