Recently, the ParaSwap DAO community has reached a decision to use its treasury funds for compensating victims of a recent hack. The proposal, put forth by the ParaSwap decentralised autonomous organisation (DAO) on April 4, outlined the idea of utilising these funds to reimburse those affected by the AugustusV6 contract breach.
Consensus Among ParaSwap DAO to Compensate Victims
Three days following the proposal submission, the community arrived at a consensus, with an overwhelming 96.81% of voters supporting the compensation for victims impacted by the hack.
The AugustusV6 contract, aimed at reducing gas fees and enhancing swapping efficiency, was rolled out briefly on March 18. However, a minor vulnerability in the upgrade provided hackers unauthorised access, resulting in the depletion of funds from the accounts of users who had authorised it. Despite the platform’s implementation of a soft rollback to prevent significant losses, approximately $3.4 million was safeguarded, while the hackers managed to abscond with over $864,000.
Post-Hack Initiatives and Recovery Progress
Following the breach, the ParaSwap Foundation issued a statement disclosing ongoing collaboration with analytics firm Chainalysis and TRM Labs. The Foundation showed efforts in identifying the hacker’s wallet address and tracking the movement of the misappropriated funds. Additionally, assurances were made regarding the coverage of funds associated with the breach, including liaising with authorities, funding contract re-audits, and managing the refund process.
As of April 4, the Foundation provided an update indicating the successful recovery of approximately $500,000 of the stolen funds. Despite the incomplete tally of the total stolen funds at the time, this recovery accounted for 63% of the losses.
Fund Recovery Update:
Following the work done both by our core team and partners, approximately $500k worth of assets have been recovered from a hacker who had misappropriated the most funds.Thanks to this rescue, the amount of funds still unaccounted for – which comprise users…
— ParaSwap (@paraswap) April 4, 2024
ParaSwap emphasised that refunding affected users represents a crucial step towards the platform’s sustainability. Notably, hackers encountered limited success in absconding with stolen funds in March. PeckShield, a blockchain security platform, reported the recovery of over $100 million stolen through hacks last month, with approximately 52% of the total pilfered funds reclaimed. The majority of the recovered funds were associated with the theft from Munchables, a game developed on the Blast network, as per the platform’s data.