- The hack on Polygon stablecoin QiDao comes barely a day after Polygon Community accomplished a $450 million non-public token sale
- QiDao protocol shared an replace, confirming that person funds on QiDao contracts are secure
Mai Finance creator QiDao has been exploited to a tune of $13 million. The Polygon’s native stablecoin protocol shared a Twitter post a number of hours in the past revealing that its Superfluid vesting contract had been compromised.
“Superfluid’s vesting contract for QI has been exploited. Person funds on QiDao contracts stay secure. The exploit is solely on Superfluid. We’ll launch an replace after we know extra,” QiDao wrote.
The workforce despatched a fast replace by way of a follow-up post detailing that the scenario was nonetheless beneath evaluation. The replace additionally specified that no person funds had been affected and that Qi bridging had been suspended in the interim.
“We’re nonetheless assessing the scenario. We will verify that every one funds in QiDao are secure. No person funds have been affected. We’re conscious there are different tokens affected. We’ll replace the group after we be taught extra. Qi bridging is quickly paused.”
QI token value dips
Though the information of the exploit hadn’t made headlines on many crypto information shops on the time, it left an enormous dent out there worth of the governance token QI. The worth of QI plunged from $1.238 proper earlier than the exploit was reported to $0.166 in lower than two hours because the perpetrator(s) dumped the tokens on Quickswap.
Market knowledge exhibits that the token has hemorrhaged 40% of its worth within the final 24 hours. Many traders rushed to purchase QI at a low value, consequently pushing the worth increased. QI is now buying and selling at $0.73 as per CoinMarketCap.
Superfluid, which describes itself as a ‘DeFi primitive to automate recurring transactions and monetise Web3’, is a brilliant contract framework that operates on Ethereum.
The Superfluid Twitter workforce acknowledged the exploit on QiDAO and warned customers to “keep away from interactions with Superfluid good contracts till additional discover.” The workforce additionally requested customers to unwrap their SuperTokens as they may very well be focused by the malicious actor(s).
The attacker(s) stole an estimated $13 million price of tokens, most likely from the workforce vested token pool since person funds weren’t affected. CoinTelegraph studies that these tokens embrace 1.5 million MOCA, 562,000 USDC, 40,000 sdam3CRV, 23,000 STACK, 44 SDT, and 24 WETH.
Value noting, the exploit comes lower than two months since Superfluid launched MAIx, permitting customers to stream MAI (miMatic). Beforehand QiDao leveraged Superfluid to stream QI tokens to contributors on Polygon.