Difference between revisions of "Wintermute Trading"
m (→Basics) |
m (→Basics) |
||
| Line 1: | Line 1: | ||
== Basics == | == Basics == | ||
== Bugs/Exploits == | |||
*[https://rekt.news/wintermute-rekt-2/ From] [[Rekt]] (20-9-2022): | |||
''"Their [[Hot Wallet|hot wallet]] has been compromised, likely through the use of a vanity [[address]], created with the vulnerable tool Profanity. The loss was announced by Wintermute CEO Evgeny Gaevoy approximately three hours after the theft:'' | |||
''"We’ve been hacked for about $160M in our defi operations. [[CeFi|Cefi]] and [[Over The Counter (OTC)|OTC]] operations are not affected We are solvent with twice over that amount in equity left"'' | |||
''The firm’s CEO states that the use of the vanity address was for “gas savings” rather than aesthetics… an expensive choice."'' | |||
*The [[Optimism (OP)|OP]] core team and Wintermute had a 20m OP exploit when using [https://twitter.com/kelvinfichter/status/1534636743223386119 old] (9-6-2022) [[Gnosis (GNO)|Gnosis Safe]] code while having [[multichain]] deployments. 17m got [https://decrypt.co/102541/optimism-hacker-returns-17-million-tokens-airdrop returned] and 1m got sent to [[Vitalik Buterin|Vitalik]] (10-6-2022) 2m was kept by the hacker 'as a bounty': | *The [[Optimism (OP)|OP]] core team and Wintermute had a 20m OP exploit when using [https://twitter.com/kelvinfichter/status/1534636743223386119 old] (9-6-2022) [[Gnosis (GNO)|Gnosis Safe]] code while having [[multichain]] deployments. 17m got [https://decrypt.co/102541/optimism-hacker-returns-17-million-tokens-airdrop returned] and 1m got sent to [[Vitalik Buterin|Vitalik]] (10-6-2022) 2m was kept by the hacker 'as a bounty': | ||
''"[[Optimism]] hired crypto market [[maker]] Wintermute to distribute the [[tokens]] in a highly anticipated [[airdrop]]. But because Optimism sent them to a Wintermute layer-1 [[address]] that hadn't yet been synced to [[layer-2]], they were all inaccessible. Wintermute said that the tokens would be secure. But within a day, a hacker stole all 20 million tokens. They were worth $35 million at the time. The address has returned a majority of the OP, and @wintermute_t has committed to reimbursing the Optimism [[Foundation]] for the remaining 2mm OP, which was kept as a bounty."'' | ''"[[Optimism]] hired crypto market [[maker]] Wintermute to distribute the [[tokens]] in a highly anticipated [[airdrop]]. But because Optimism sent them to a Wintermute layer-1 [[address]] that hadn't yet been synced to [[layer-2]], they were all inaccessible. Wintermute said that the tokens would be secure. But within a day, a hacker stole all 20 million tokens. They were worth $35 million at the time. The address has returned a majority of the OP, and @wintermute_t has committed to reimbursing the Optimism [[Foundation]] for the remaining 2mm OP, which was kept as a bounty."'' | ||
Revision as of 04:28, 2 October 2022
Basics
Bugs/Exploits
"Their hot wallet has been compromised, likely through the use of a vanity address, created with the vulnerable tool Profanity. The loss was announced by Wintermute CEO Evgeny Gaevoy approximately three hours after the theft:
"We’ve been hacked for about $160M in our defi operations. Cefi and OTC operations are not affected We are solvent with twice over that amount in equity left"
The firm’s CEO states that the use of the vanity address was for “gas savings” rather than aesthetics… an expensive choice."
- The OP core team and Wintermute had a 20m OP exploit when using old (9-6-2022) Gnosis Safe code while having multichain deployments. 17m got returned and 1m got sent to Vitalik (10-6-2022) 2m was kept by the hacker 'as a bounty':
"Optimism hired crypto market maker Wintermute to distribute the tokens in a highly anticipated airdrop. But because Optimism sent them to a Wintermute layer-1 address that hadn't yet been synced to layer-2, they were all inaccessible. Wintermute said that the tokens would be secure. But within a day, a hacker stole all 20 million tokens. They were worth $35 million at the time. The address has returned a majority of the OP, and @wintermute_t has committed to reimbursing the Optimism Foundation for the remaining 2mm OP, which was kept as a bounty."
Projects
KYC Subnet
"The single most salient development here came with Ava Labs’ announcement that it will collaborate with Aave, GoldenTree Asset Management, Wintermute, Jump Crypto, Valkyrie, and Securitize to build a permissioned subnet with native KYC functionality.
Investments
- Got put in the B category on a Crypto VC list (29-8-2022).
- Angle; took part in the $5M raise (28-9-2021).
- UMA. Took part in the Range Token raise for UMA of $2.66M (16-7-2021).
