Introduction

What Is Solana? How Does It Work?

Solana is a cryptocurrency that was designed to work similarly to and improve upon Ethereum. Named after a small Southern Californian coastal city, Solana is the brainchild of software developer Anatoly Yakovenko.

Yakovenko first proposed the innovative blockchain in 2017, and Solana launched in March 2020. It’s quickly become a popular crypto, ranking among the top 10 cryptocurrencies by market cap.

In recent news, the Solana ecosystem experienced a hack on Aug. 2. Blockchain investigators and crypto investors allege there was a private key compromise that allowed hackers to steal Solana tokens, known as SOL, from Slope, Phantom and TrustWallet. Users reported that their funds were drained from these “internet-connected” wallets.

Solana Status, which is run by the Solana Foundation, tweeted about the incident: “After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. This exploit was isolated to one wallet on Solana, and hardware wallets used by Slope remain secure. While the details of exactly how this occurred are still under investigation, but private key information was inadvertently transmitted to an application monitoring service.”

Mango DA0

Mango DAO governs the Mango Markets protocol - a borrowing/lending and leverage trading platform built on the Solana network, utilizing the Serum Decentralized EXchange

ccording to the Mango governance forum, the Mango Markets community is prepared to strike a deal with its hacker, enabling the hacker to keep $47 million as a bug reward.

According to the proposal, the hacker will keep $47 million while returning the remaining $67 million in tokens. The settlement has received support from 96% of the voters, and also guarantees that Mango Markets will not take legal action or won’t freeze the funds in the matter.

The members of the Mango Market community reacted on twitter in regards to the set agreement as well.

analysis

description

Mango Markets’ designated wallets for the refund has received only $8 million since the proposal launched some 12 hours ago.

If the hacker makes good on his promise, mango DAO treasury will complete the remaining funds needed to pay off the $70 million bad debt.

According to the Mango team, all deposits will receive their refunds once the proposal is passed and the hacker returns the funds.

As of press time, the proposal has reached a quorum of over 96%, with 119,000 votes in affirmation. Expectedly, the proposal will be passed on Oct. 15, at about 5:30 am EST.

According to CryptoSlate data, the  token is recovering having increased by about 11% in the last 24 hours, and trading at $0.02615.

description

After stealing the money, the hacker requested payment and posted a request for $70 million on the Mango Market’s decentralised autonomous organisation (DAO) forum at the time. The hacker has voted for this proposal using millions of tokens stolen from the exploit.

The counter proposal from the DAO lists the assets and the amounts stolen, asking the thief to return them based on an agreement with the DAO, including 799,155 mSOL, 761,577 SOL, 281.498 BTC, 2,354,260 SRM, 226 ETH, 11,774 FTT, 608 BNB, 152,843 GMT, 98,295 RAY, 1809 AVAX, 32,409,565 MNGO, and 10,000,000 USDC.

The proposal states that the hacker should “send back the assets other than USDC, MSOL, MNGO, and SOL” within 12 hours of the proposal. Also remaining assets shall be sent within 12 hours once the vote is complete and passes.

description

Nonetheless, the whale’s moves following the attack suggest that they are aware of potential criminal proceedings. Posting on the Mango DAO governance forum, the attacker presented a proposal that would see them return the majority of the drained funds if the Mango team agreed to use $70 million worth of USDC from its treasury to repay the protocol’s “bad debt.” If passed, the treasury would go to Mango users who had deposited to the now-drained protocol. 

In their note, they also suggested that voting for the proposal would count as an agreement to drop any plans for a criminal investigation. It read: 

Methodology

> I have used

> solana.core.fact_events join solana.core.dim_labels > > solana.core.dim_labels > > solana.core.ez_staking_lp_actions

> \

> to get the charts, tables and data above.

address contract ::

> # label_type IN ('dex', 'defi') > > Analyzer > > Discord: superfly#5104 > > Twitter: superfly_5104 > > Tweet link for this Dashboard::

Conclusion

the counter proposal from the DAO lists the assets and the amounts stolen, asking the thief to return them based on an agreement with the DAO, including 799,155 mSOL, 761,577 SOL, 281.498 BTC, 2,354,260 SRM, 226 ETH, 11,774 FTT, 608 BNB, 152,843 GMT, 98,295 RAY, 1809 AVAX, 32,409,565 MNGO, and 10,000,000 USDC.

The proposal demands the thief send most of the funds to a wallet

owned by the Mango Upgrade Council.

Within 12 hours of the proposal opening, you shall send back the assets other than USDC, MSOL, MNGO, and SOL as a show of good faith," the proposal reads. "The remaining assets shall be sent within 12 hours once the vote is complete and passes

The DAO’s proposal says it will not pursue criminal investigations or freeze funds once the tokens are returned as agreed. With 11 hours to go, the proposal has 119,821,720 (96.3%) yes votes and 4,601,240 (3.7%) no votes.

Mango DAO further stated that funds sent by the thief and funds in the DAO's treasury will be used to cover any remaining bad debt in the protocol to make "mango depositors whole.