The ParaSwap community, operating as a decentralized finance (DeFi) aggregator, has reached a consensus to provide compensation to victims of a recent hack, utilizing resources from its treasury.
Proposed by the ParaSwap decentralized autonomous organization (DAO) on April 4, the initiative aimed to reimburse individuals affected by the AugustusV6 contract vulnerability. Following a three-day voting period, an overwhelming 96.81% of ParaSwap voters endorsed the DAO’s proposed strategy for compensating users.
The AugustusV6 contract, introduced briefly on March 18 to enhance swapping efficiency and diminish gas fees, inadvertently harbored a significant flaw. Exploiting this vulnerability, hackers siphoned funds from users who had authorized the upgrade.
Although prompt action prevented potential losses of up to $3.4 million, approximately $864,000 worth of assets were still compromised. ParaSwap collaborated closely with blockchain analytics and security firms Chainalysis and TRM Labs to identify the hacker addresses and track the fund movements.
The ParaSwap Foundation, affirming its commitment to addressing the aftermath of the breach, declared its intention to cover additional expenses linked to the vulnerability. This includes refunds, engagement with security analysts, thorough contract re-audits, communication with authorities, and the formulation and execution of the refund process.
As of April 4, ParaSwap disclosed the successful recovery of around $500,000 in assets. This recovery significantly reduced the portion of funds still unaccounted for, which had been drained by users depositing into a compromised account, by 63%.
Fund Recovery Update:
Following the work done both by our core team and partners, approximately $500k worth of assets have been recovered from a hacker who had misappropriated the most funds.Thanks to this rescue, the amount of funds still unaccounted for – which comprise users…
— ParaSwap (@paraswap) April 4, 2024
According to ParaSwap, issuing full refunds to affected users aligns with the project’s overarching goal of ensuring long-term sustainability.
Data compiled by blockchain security firm PeckShield highlights a positive trend in asset recovery from March hacks, with nearly $100 million in digital assets retrieved. Despite significant initial losses, 52.8% of the stolen funds were successfully recovered. Notably, a substantial portion of the reclaimed funds stemmed from a security incident involving an NFT game called Munchables, based on the Blast network.