CertiK offers Merlin DEX rogue developers 20% white hat bounty CertiK offers Merlin DEX rogue developers 20% white hat bounty
CertiK said it is exploring a community compensation plan to cover the roughly $2 million stolen from the Merlin DEX exploit.
1 min read
Updated: Apr. 26, 2023 at 7:34 pm UTC
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
Smart contract auditor CertiK has offered Merlin DEX rogue developers a white hat bounty of 20%.
According to an April 26 statement, the blockchain security firm was exploring a community compensation plan to cover the roughly $2 million stolen.
CertiK said its initial investigations showed that the project’s developers were based in Europe. It added that it was working with law enforcement agencies to track them down.
CertiK wrote:
“Although we raised the private key privilege issues in the audit report, we want to assist impacted users. We are determined to track down those behind this rug pull.”
The blockchain firm added that it would release more information about the compensation soon.
Earlier today, CryptoSlate reported that the zkSync-based decentralized exchange confirmed that it was exploited. According to the report, the exploiters were already sending some of the stolen funds to crypto exchanges like Binance and MEXC Global.
Merlin DEX releases post-mortem
In an April 26 Twitter thread, Merlin said several members of the Back-End Team drained all of its Contracts.
According to the thread, the developers who rugged the project had made over 1,000 contributions in the last year to Github repositories. These developers are based in Serbia, and their previous projects included Discoverilla and InterFi Network.
Merlin said:
“They chose to carry out several on-chain transactions to drain all of Merlin’s pools, public sale and manipulate our front-end contracts. This was done by implementing a function that allows a Call action to all Merlin Pairs alongside hidden Front-End Contracts.”
Merlin said it was working to reimburse all affected users, adding that it had notified the relevant authorities in Serbia about the incident.
Meanwhile, the stolen funds have been traced to a wallet that currently holds 402 ETH — worth $783,195.
Mentioned in this article
Author 
Oluwapelumi Adejumo
Oluwapelumi values Bitcoin's potential. He imparts insights on a range of topics like DeFi, hacks, mining and culture, underlining transformative power.
Latest Alpha Market Report
In this article
Ethereum is a decentralized, open-source blockchain platform that enables the creation of smart contracts and decentralized applications (DApps).
CertiK
Founded in 2018 by professors of Yale University and Columbia University, CertiK is a pioneer in blockchain security, utilizing best-in-class AI technology to secure and monitor blockchain protocols and smart contracts.
