The blockchain battled through an outage for more than four and a half hours, according to Solana status. It was the first outage in the past month, with the previous outage occurring on May 1, 2022.
The blockchain has struggled to provide 100% uptime (a measure of availability) over the past 3 months. The network faced its worst outage in January 2022, crashing the network every day for seven consecutive days.
The Solana team attributed the issue to a bug in the blockchain’s durable nonce transactions feature. This led to non-determinism, meaning that different nodes generated different results for the same block and were unable to reach a consensus.
"The issue is completely unrelated to clock drift and the clock drift has nothing to do with the network halting,”
Manhattan prosecutors on Wednesday accused a former employee of OpenSea, an auction site for the digital goods known as nonfungible tokens, or NFTs, of insider trading. It is believed to be the first such case filed related to a cryptocurrency company.
Nathaniel Chastain, a 31-year-old former product manager at OpenSea, is accused of using his knowledge of which NFTs would be featured on the site’s home page to secretly purchase from those collections in advance and then profit when auctions increased their value, according to a report in the DealBook newsletter.
Mr. Chastain was arrested on Wednesday and released on $100,000 bail after pleading not guilty. His lawyer declined to comment to reporters after the hearing.
Mr. Chastain is accused of taking advantage of anonymous digital wallets and accounts in the alledged fraud. Last summer, he bought about 45 NFTs on at least 11 occasions, selling them at two to five times as much as he paid for them, according to the indictment. He moved cryptocurrency and digital collectibles among anonymous Ethereum wallets and OpenSea accounts he had set up.
Mr. Chastain was charged with one count of wire fraud and one count of money laundering, each of which carries a maximum sentence of 20 years. If convicted, he will have to forfeit the NFTs he bought in the scheme
Two exploits hit Mirror Protocol, and the larger of the two wasn’t even noticed at first.
When the Ronin Bridge hack was announced, we were all shocked to hear the funds were missing for a week before the alarm was raised.
It took Mirror Protocol seven months, to spot the loss, and when they did finally notice, they didn’t publicly announce anything.
And then, 232 days later, they were hit again.
The day after the first loss was revealed, another $2M was taken.
The first exploit, executed on the 8th of October 2021, involved repeatedly unlocking collateral deposited against short positions on Mirror Protocol.
The lock contract did not contain a duplicate call check for withdrawals, allowing the attacker to drain funds deposited by other users by calling unlock_position_funds for their own position ID multiple times.
Despite the vulnerability remaining live, no followup attack was made; the balance of the lock contract never rose high enough to exploit again without alerting the protocol’s userbase.
On the 14th of May, the vulnerability was finally, and quietly, patched with no mention of the bug nor the $90M loss it had produced just seven months earlier.
The issue was down to Luna Classic validators running an out-of-date oracle, which hadn’t been updated for the legacy chain.
This meant that users could buy cheap LUNC, deposit as collateral, and take advantage of the overvaluation to drain Mirror’s pools. The protocol’s mBTC, mETH, mDOT and mGLXY were drained, totalling ~$2M for the attacker.
After news of the exploit over the weekend, the oracle was successfully fixed, but the problems didn't stop there.
All mAssets (Mirror-wrapped stocks) were still for the taking, unable to be traded until markets opened following the long-weekend. The worry was that the previously stolen funds would be used to snap up the remaining, vastly-undervalued mAssets.