1 hour ago · 2 min read
Ethereum › DeFi
Developer ‘rug pulls’ Ethereum DeFi project SharedStake, SGT token falls 95%
Insider exploits the protocol’s governance token using the admin key.
Decentralized Ethereum 2.0 staking protocol SharedStake has a developer on the loose that used the admin key and exploited the protocol’s governance token SGT.
As the price of SGT plummets 95%, other team members are urging users to withdraw all funds and wait for further updates.
While warning users to exit SharedStake’s liquidity mining contracts and the Saddle pool ETH-vETH2, the team said it identified the developer responsible for the exploit.
PSA: A rogue dev from SharedStake has pulled the rug. Withdraw all SGT and vETH2 liquidity ASAP. pic.twitter.com/DjmZwQBnGe
— Mudit Gupta (@Mudit__Gupta) June 23, 2021
Saddle is an automated market maker for trading between pegged value cryptos and seems to have its contracts unaffected. Even though vETH2, a yield-bearing token with a 1:1 price ratio to Ethereum, is still safe, the loss of confidence in SharedStake spurred fears that the incident could lead to vETH2 losing peg.
Several people raised red flags about the protocol in the past, suspicious about the developers’ anonymity and lack of transparency on the project’s website.
The confidence in the protocol wasn’t boosted with its Twitter account getting suspended either.
Some of the members of the DeFi community are trying to crack the case on their own, retracing the steps and pointing to possible pending concerns.
$SGT just got rugged today before new multisig addresses were added.
h/t to WeebMcgee on discord for doing a dive on this. Smart Timelock was bypassed and hacker also tried to exploit all other dev's vesting contracts. So far vETH2 is still secure but there are concerns
— Wannabe Researcher (@wassiecapital) June 23, 2021
In the meantime, the protocol’s developers are accusing the alleged insider:
Here’s the announcement from a ShareStake dev about the inside job they suffered. Take it with a grain of ?.
— Chris Blec | DeFi Watch (@ChrisBlec) June 23, 2021
Concern about the rise of crypto exit scams and DeFi rug pulls just got boosted by another exploit, for which the losses have yet to be counted.
Meanwhile, it’s possible to recall the past week’s damage caused by the most recent incidents in the ecosystem.
Second-largest ETH2 staking pool StakeHound temporarily paused all transfers for the tokenized form of staked Ethereum, stETH, in the aftermath of losing private keys, Impossible Finance protocol on the Binance Smart Chain has been exploited for $500,000 in a flash loan attack and Iron Finance share token TITAN fell nearly 100% during a panic sell.
Is this announcing the end of the flippening narrative or is it just a part of it’s wild west chapter?