We can decode the input data and receive:0transactionIduint25621108
Looking at transaction 21108 we see it was confirmed by 2 of the multi sig wallets:
3/6
Wallets which confirmed that unlockTokens transaction:
0xf845A7ee8477AD1FB4446651E548901a2635A915
0x812d8622C6F3c45959439e7ede3C580dA06f8f25
4/6
The multi sig contract asks for 4 confirmations but has a function has a function which allows for the alteration of the requirement number
Transactionid 21126 changed the requirement to 4
…which was also approved by those same two wallets in the multi sig
5/6
The Harmony team seems to have just detected the attack a few hours ago and changed the requirement to 4 which you can see the first 8 bytes:
1942
changeRequirement(uint256)
0xba51a6df
Meaning the 5 person Harmony bridge multi sig had 2 wallets approve the transactions
6/6 TLDR: Harmony bridge uses a multi sig contract. 2 of the multi sig wallets approved transaction 21108 to drain 592 WBTC and a few hours later transaction 21126 a transaction which changed the requirement from 2 to 4 signature wallets to secure the bridge
As strange and wild as #DeFi is, by being decentralized everything is ultimately transparent so you’re able to understand the risks, causes, and effects of specific actors in the space
2/ I don’t know with any certainty Celsius’ financial positions or treasury management and I can’t find out through any objective measure. Everything is unfortunately speculation. Maybe they have bad debt from stETH (cobie.substack.com/p/staking-pegg…)
3/ Maybe they were using DeFi to farm with customer funds for profit (they were) and lost large amounts in various exploits (they did). Maybe they were more affected by the collapse of Terra than they led on. Maybe they'e another victim to the bloody market from volatile exposure
A thread from a RugDoc engineer without insider knowledge 🧵 👇
1/ A week ago, Andre Cronje, the FTM godfather who supposedly left development completely, was seen deploying a contract on FTM after receiving 70M FTM (~$35m) from a Binance withdrawal presumably by the Fantom Foundation.
I wanted to start investigating this...
/2 All though not verified, the bytecode for this contract contained the address for FUSD, the failed Fantom stablecoin which has been notoriously trading under peg for ages.
As most of you know, one should not leave their tokens within a genesis for too long, as most of these contracts eventually (usually 90 days after genesis finishes) allow governance to take out all staked tokens.
Remember that one fork where they inverted the < to a >?
Now things get fun within ftom as they can reconfigure their poolStartTime.
🤔But you, the solidity expert, say... Look at that second line, it can only be set in the future and thus the rug can only occur in 90 days?!