Weekly Alpha Leak 🚰 When it Rains, It Pours - 'Tis Exploit Season
Week of October 8-14, 2022
October isn’t even over and it’s already made DeFi history with hackers stealing $718M across 11 protocols. We’re desensitized at this point but today we’re reflecting on some important overarching questions - for the whole creator royalties hullabaloo as well.
Sharing is caring and knowledge is power! Do you find this newsletter helpful? Then be a Chad or Chadette and share this newsletter with your friends and colleagues
Done? Now let's dive in!
TL;DR:
💭 Ruminations on: Recent Exploits/Hacks and Creator Royalty Debate
💊 Top Bullets: $116M Mango Markets exploit, BNB Chain hard fork to reverse $100M hack, Matter Labs Ethereum Layer 3 scaling prototype, Polygon and Matter Labs zkEVM competition, Bank of New York Mellon to custody Bitcoin and ETH, Cosmos critical software vulnerability
📊 Data Highlights: Smart money near ATH for how much of their holdings are in stables, Largest Smart Money Inflows this month into cETH, cDAI, followed by regular DAI, Largest Smart Money Outflows this month: USDC and Rocket Pool, Solana 30% drop in DeFi TVL, Ethereum: down ~ 17% in NFT sales, Solana: up 100% in NFT sales
🏦 DeFi Highlights: New CEO SushiSwap accused of fingering a horse, Circle's USDC market cap drops below $50B, Tether replaced commercial paper with U.S. Treasury Bills, Tool shows Celsius user’s losses, CPOOL staking live, dYdX hires former ConsenSys director as foundation CEO, Refreshed Uniswap Web App + V3 live on zkSync on Oct. 28, Offchain Labs acquiring Prysmatic Labs, BUSD on Polygon network, Cosmos developer Agoric developing a stablecoin
🖼 NFT/Metaverse/Gaming Highlights: Dapper Labs blocking Russian accounts because of new EU sanctions, Limit Break DigiDaigaku Super Bowl commercial, Meta’s Horizon Worlds on quality lockdown, X2Y2 launches P2P NFT loan function, OpenSea launches on Avalanche, DeGods switches to 0% royalty model, CNN pulls plug on Web3 NFT project Vault
💸 Exchange Highlights: Google selects Coinbase to take cloud payments, FTX v2 live on Nov. 21, Huobi selling majority stake to About Capital Management, Binance may spend more than $1B on acquisitions and investments, Coinbase gets license in Singapore and plans to expand in Asia, Binance $500M fund for struggling miners
👨⚖️ Economic/Government/Regulatory Highlights: Markets in Crypto-Assets legislation passed the European Parliament, Yuga Labs facing a probe by the U.S. SEC, Portugal's 2023 budget proposal includes a 28% income tax, J.P. Morgan and Visa partner to streamline cross-border payments, Coin Center lawsuit against OFAC over sanctioning Tornado Cash, Chinese CBDC volume crossed $14B, Crypto advocates to join Ooki DAO defense against CFTC
💰 Fundraising Highlights: Uniswap Labs, Tatum, nxyz, Pillow, Rye, Zerion, MetaStreet
⛓ Crypto Highlights of the Week ⛓
Exploits and Hacks
When it rains, it pours - this week saw a crazy high number of hacks and exploits in a short period of time and in fact, October has become the worst month in DeFi history, with hackers stealing $718M across 11 protocols.
In just the span of a couple days this week, we saw the following hacks and exploits:
The Temple DAO - $2.3M
Solana’s Mango Market - $116M
QANplatform’s Ethereum and BSC bridge - $1.89M
Rabby’s Swap - $200,000
Sovryn - $1.1M
Anyone who’s been in this space for a while is probably desensitized to these types of news and losses, they seemingly occur so constantly that most just react with, “another one?’ However as the regulatory arena begins to heat up - many long standing and overarching questions arise.
Will these hackers ever face repercussions? Who has authority when it comes to decentralized distributed networks and who can/should be held legally responsible?
Will law enforcement be capable of tracking these on-chain activities? We’ve seen the Feds take down some big fish already. Notably the Bitfinex hacker, Razzlekhan and her boyfriend. This was likely an attempt to send a message to other hackers but what type of timeline can we expect if there are repercussions to come? Many hackers and rugpullers have gone free for years now.
Interestingly enough, we just recently saw French authorities utilized research from blockchain sleuth ZachXBT to charge five people on suspicion of stealing $2.5M worth of NFTs via phishing scams. So apparently there is movement on this front.
White hat hackers and bounties. Could setting an industry standard 10% whitehat bounty address a lot of the issues we’re currently facing? This would incentivize gigabrains to use their powers for good, instead of evil and help plug security vulnerabilities quicker.
The ripple effects of these actions can also be seen in regards to sanctions (Tornado Cash), the arresting of developers, moves against privacy with the implementation of KYC and anti-money laundering policies on some of the most prominent services and platforms in the industry.
Then there are also aspects of decentralization vs centralization. To counter the recent $100M hack, BNB Chain just this week implemented a hard fork to reverse the damage. That goes right in the face of the tenants of decentralization in crypto when a centralized entity can just halt or reset the chain.
Last but most definitely not least are the affected users. People have lost their money on these protocols and users have been routinely taking hit after hit and getting hurt. All of this is a net negative for the space when the public perception of crypto includes constant and recurring multimillion dollar exploits. Change needs to happen to shape this space up from the current Wild West environment we find ourselves in.
Creator Royalties Debate
The debate over NFT royalties has been heating up - with many NFT marketplaces and projects coming out and taking sides in recent weeks. Notably, popular Solana NFT project DeGods recently switched to a 0% royalty model and predicts that all NFT marketplaces will switch to a 0% royalty model in order to remain competitive. Let’s see what people are saying and what all the hullabaloo is about.
Tl;dr:
Pros:
A necessary source of revenue for creators, particularly for smaller collections
Artists' ability to continue earning after the initial sale a key advantage NFTs have over physical art
Cons:
Undermines the idea of true ownership and that holders shouldn't have to pay out additional funds
Let’s explore a bit further as each side has some merit. One of the primary selling points of “web3” for creators is the ability to monetize, distribute, have ownership and engage with their audience and fans. As opposed to the old paradigm, where the bulk of the profit went to web2 platforms through advertisement revenue. If marketplaces don't enforce royalties, one core reason for coming into web3 is gone for creators. Artists and creators deserve to make a living too, right?
Royalties help scale a project by incentivizing growth via continuous building. This leads to more innovation. Without royalties you essentially make NFTs an entirely Web2 product. You pay a team once and then they have 0 incentive not to keep building and growing - what’s in it for them at this point?
Let’s flip the situation and see how the situation differs. How would users feel if they were forced to pay secondary fees and royalties every time they resold a physical movie, cd, book, game or any creative work. You buy a physical game for a set price and when you try and resell that game, the money you make gets a little chunk of it taken out to be paid to the original game maker. After all, there was an original creator, IP owner, workers and an entire process behind putting out that work, shouldn’t they be due their cut when you try and resell something that you bought and now own? Is ownership ever fully yours when you buy something when the creator has rights in perpetuity? You sell your car and should the car designer be entitled to a royalty? Where does it end? What do you ever fully own?
The debate is a curious once and will need to find a harmonious balance to make sure all parties involved feel properly compensated, respected and not shafted in the process.
💊 This Week’s Top Daily Bullets 💊
The exploiter who stole roughly $116M from Mango Markets, a trading and lending platform on Solana, put forward a governance proposal that would grant them approximately $70M as a bounty reward. First they rug the chain and then try to strongarm. Mango Markets community set to approve $47M deal with hacker in favor of letting the hacker return half the funds in exchange for no criminal prosecution
BNB Chain implemented a hard fork upgrade called Moran in an attempt to recover and secure infrastructure following last week’s hack
October becomes worst month in DeFi history as hackers steal $718M across 11 protocols
Matter Labs will launch a public testnet for an Ethereum Layer 3 scaling prototype called Opportunity in Q1 2023. Renamed from "Pathfinder" to "Opportunity"
Polygon zkEVM public testnet - Aave and Uniswap, along with other projects, will be among the first projects to deploy on the zkEVM testnet. Polygon and Matter Labs are in a race to bring the first zkEVM rollup to market.
Bank of New York Mellon, the oldest bank in America, is enabling customers to custody bitcoin and ether alongside traditional investments on the same platform
U.S. September unadjusted CPI: 8.2% YoY, 0.4% MoM vs Expected: 8.1% YoY, 0.2% MoM
Developers have disclosed a critical software vulnerability within all Cosmos blockchains that run the IBC protocol, the network's cross-chain messaging and bridge protocol
These are just our top bullets, want more? Check out our daily newsletter:
What’s your take on this week’s news? Anything interesting that you have to say about these stories? Did we miss anything that should’ve been included?
💰 Fundraising Highlights of the Week 💰
📊 Crypto Market Data Highlights of the Week 📊
Notable:
Solana 30% drop in TVL
Ethereum: down ~ 17% in sales
Solana: up 100% in sales
Nansen Smart Money:
A look at how stabled up smart money is. The more stabled they are, the less risky they’re feeling and vice versa. Smart money is currently near all time highs for how much of their holdings are in stablecoins.
Largest Smart Money Inflows this week: Weekly inflow is clearly going into stables - USDC, USDT and DAI. This is interesting actually because we’ve recently primarily seen a flow out of USDC and now this is running counter to that
Largest Smart Money Outflows this week: Outflows are much lighter than inflows and this week looks like it’s primarily out of WBTC, Aave stETH and Matic.
Largest Smart Money Inflows this month: This paints a different picture. Over the past month, the most money has net flowed into Compound ETH and DAI, followed by regular DAI. The move into DAI is interesting. The trend changed from USDC to a couple months and now an uptick in DAI holdings. Worth keeping an eye on. Also interesting that smart money would rather hold the derivative Compound ETH instead of actual ETH.
Largest Smart Money Outflows this month: This again shows a net outflow of USDC. So while we have money flowing into USDC on the weekly level, the monthly is still net negative. Next we see outflows from Rocket Pool and WETH.
Nansen Hot NFT Contracts:
Highest Volume NFT collections of the past week:
BAYC: 3096 ETH
CloneX: 2845 ETH
Otherdeed: 2459 ETH
MAYC: 2195 ETH
Street Machine: 1608 ETH
🏦 DeFi Highlights of the Week 🏦
New CEO of DEX SushiSwap, Jared Gray was accused of a series of crypto fraud and once sexually assaulting a horse
Circle's USDC market cap drops below $50B for first time since Terra's collapse - taken a hit since Binance's decision to consolidate order books and Circle's decision to freeze addresses associated with Tornado Cash
Tether has eliminated commercial paper from its reserves, replacing those investments with U.S. Treasury Bills
Using data pulled from Celsius bankruptcy filing, a new tool now shows exactly how much different users lost following Celsius' collapse
CPOOL staking is live
dYdX hires former ConsenSys director as foundation CEO
Introducing the refreshed Uniswap Web App. Uniswap V3 will be available for users to trade on after zkSync launches on Oct. 28
Offchain Labs, the firm behind Ethereum layer 2 network Arbitrum, acquiring Prysmatic Labs, one of the core engineering teams behind Ethereum's transition to proof-of-stake
Binance USD (BUSD) is now available for deposits and withdrawals on the Polygon network
Cosmos developer, Agoric, is developing a stablecoin, IST, ahead of its mainnet launch for the Interchain
🖼 NFT/Metaverse Highlights of the Week 🖼
Solana NFT project DeGods has switched to a 0% royalty model in ongoing debate over royalties
NFT company Dapper Labs is blocking crypto accounts with Russian ties because of new EU sanctions on Russia
Limit Break has purchased a commercial spot starring DigiDaigaku for SUPERBOWL LVII February 12th 2023
Meta leadership has placed their metaverse VR platform, Horizon Worlds, on a “quality lockdown” through the end of the year due to persistent bugs. Meta has also partnered with Microsoft to bring a range of Microsoft Office 365 products into Meta’s virtual reality platform, aiming to entice companies into working in virtual environments
X2Y2 launches P2P NFT loan function - users can use NFTs as collateral to borrow ETH from other lenders. The current NFT whitelist only includes BAYC, Azuki, Doodles, Otherdeed for Otherside
OpenSea launches on Avalanche - currently supports Ethereum, Polygon, Solana, Klaytn, Arbitrum and Optimism. BNBChain is the only mainstream blockchain that OpenSea does not currently support
CNN pulls plug on Web3, NFT project Vault, which commemorated major news events - had promised utilities for the future and offering holders partial refunds
💸 Exchange Highlights of the Week 💸
Google selects Coinbase to take cloud payments with cryptocurrencies and will use its custody tool
FTX v2 will go live on Nov. 21, featuring an improved matching engine aimed at addressing complaints - whole new order matcher, lower latency API pathways
Huobi will sell a majority stake to Hong Kong-based investment company About Capital Management. Tron founder Justin Sun denied reports that say he has bought Huobi’s majority stake adding that he is only an advisor to Huobi
Binance may spend more than $1B on acquisitions and investments this year despite what may be a prolonged crypto winter
Coinbase gets license in Singapore and plans to expand in Asia, focusing on serving institutions
Binance launched a $500M fund to provide loans to Bitcoin miners struggling with difficult crypto-market conditions
👨⚖️ Economic/Government/Regulatory Highlights of the Week 👨⚖️
The Markets in Crypto-Assets legislation passed the European Parliament after a two-year long debate and drafting process
Yuga Labs, creators of Bored Ape Yacht Club NFTs, is facing a probe by the U.S. SEC into whether sales of some of its offerings violate federal law
Portugal's 2023 budget proposal includes a 28% income tax on cryptocurrencies held for less than a year
J.P. Morgan and Visa are teaming up to streamline cross-border payments using their private blockchain networks, Liink and B2B Connect
US crypto policy advocacy group Coin Center has filed a lawsuit against the Treasury Department’s Office of Foreign Asset Control (OFAC) over sanctioning cryptocurrency mixer Tornado Cash
Brazil's Rio de Janeiro will accept crypto-payments for property taxes
The Chinese digital yuan, the largest CBDC pilot in the world, transactions volume crossed $14B. Plans to expand on citizen payments and cross-border operations with Hong Kong
US judge allows crypto advocates to join Ooki DAO defense against CFTC
🌎 Adoption Corner:
Polygon powers India police complaint portal to battle corruption by allowing citizens to register complaints against the police without worry of it being dismissed or manipulated
The crypto space is a wild and fast paced, evolving landscape - however one filled with recurring themes and trends. The point of this newsletter is to highlight the story of crypto - as it's told over time. The board, the players, and the game itself. Follow along as we catalog and organize the chaos.
Subscribe to receive our daily brief and extended weekly newsletter along with in-house research content!
Please Share, Leave Feedback, and Follow Us on Twitter, Telegram, and LinkedIn to stay connected with us.