After much deliberation and careful thought Neptune Mutual decided to close the cover marketplaces. Below the reasons for the decision as well as what it means for the community.
The marketplaces will be closed using an emergency withdrawal process whereby the liquidity provided to cover pools by LPs will be returned to the wallet addresses from which the liquidity was supplied. In addition to protecting cover pool LPs, there will also be refunds to all cover policy purchasers with an existing and valid policy who have paid over 10 USD in policy fees in one transaction.
For veNPM holders, please fill out this form to receive a refund for your veNPM to NPM conversion penalty.
From the end of June there will no longer be NPM emission incentives for LPs i.e. Epoch 3 of the liquidity gauge emissions will be canceled.
Unused funds raised from financial backers will be returned to those backers; this includes DEX liquidity that has now been removed from SushiSwap and Uniswap. A small amount of liquidity on SushiSwap Arbitrum has been left to enable a minimum amount of NPM trading.
The protocol will be open sourced and become a true public good, enabling the community to fork the code developed by the Neptune Mutual team so that others can use the existing resources to further our mission of making the blockchain space better protected against smart contract and other risks.
There are numerous factors that have led to this difficult decision, some of which are external and uncontrollable or unforeseeable. A few are summarized below:
“Given Neptune Mutual’s Tier 1 backers, why have you not listed on a top CEX?”
This is perhaps one of the most frequently asked questions. In short, the answer is that for a variety of reasons Neptune Mutual was not able to achieve the diverse set of performance metrics (community size and engagement, marketplace user activity, DEX 24 hour trading volume, TVL growth etc.) required to list on top tier CEX. The CEXs that are prepared to list NPM token do not have the depth of liquidity or breadth of user-base to offer good prospects for NPM tokenholders.
“Why has Neptune Mutual not achieved strong growth?”
It is tempting to take a shortcut in answering this question by pointing a finger at one specific factor, but the reality is that there are many contributing factors. A few are summarized below:
Since the outset of engaging with the community we have endeavored to highlight the need for DeFi insurance; Neptune Mutual built a comprehensive dataset of on-chain hacks, available to anyone, and each week we highlight the many millions of dollars that are stolen as a result of smart contract hacks. Despite this, we have consistently been confronted by projects unwilling to spin up cover pools in our marketplace because of the sentiment that audits of their code are sufficient to persuade their community that their protocol is safe. Less than 0.3% of all digital assets are protected with some form of DeFi insurance, and yet, despite all the media reports of hacks and the conference discussions about the importance of governance or CEX proof-of-reserves, it remains extremely difficult to get media attention to focus on the need for a fast and efficient means of mitigating smart contract risk.
A variety of approaches have been taken by different DeFi insurance protocols to address this, from attending multiple conferences throughout the year and significant marketing spend, to the leaner approach that Neptune Mutual took (in part as a result of the bear market in 2023). What can be said is that no DeFi insurance protocol has managed to achieve significant growth over the last 18 months; sadly, the overall TVL of the sector has shrunk a lot.
For all the reasons above, at this moment the best course of action is no longer to double-down on investing in growth, but rather to refund unused capital and close the marketplaces.
The consequences are very tough for the Neptune Mutual team, who have spent the past 3 years of their time on the mission to facilitate safer environments within DeFi. The team has delivered products according to the roadmap, and the fact that the protocol was never hacked, despite attempts being made on the darkweb, is testament to their expertise, passion and absolute focus on security. The team survived the FTX and UST crises unscathed, and believed that the continued growth in hacks would lead to growth in the demand for a good solution to mitigate these risks, but sadly, as can be seen right across the DeFi insurance category, this is not yet in sight. So we would like to thank the team for all the dedication, skill and passion invested into the Neptune Mutual project since the outset.
The team will open source the protocol, including blockchain indexing protocol (subgraph alternative), frontend, middleware, database, and backend code, to make it a true public good. This will allow anyone to fork the code and create covers by defining parameters and premium ranges, potentially leading to innovative covers and organic usage.
The Discord channel will be closed to reduce the risk of phishing and other types of cyber attack; any questions or queries will be responded to in the Telegram channel.
We want to take this final opportunity to thank you all for your support.
Neptune Mutual will contact only its financial backers, with whom a signed agreement exists, in relation to next steps (i.e. holding NPM tokens does not qualify you for any form of refund). Contact will be made only from a neptunemutual.com domain email address so please check the source of any email you may receive very carefully. Please ignore any messages from any other email or social media accounts in relation to token/cash refunds.
In 2016, The DAO raised $150 million worth of ETH through a token sale, the majority of which was subsequently drained by a hacker who exploited a vulnerability in its smart contract using a reentrancy attack.
The DAO, or Decentralized Autonomous Organization, was founded to coordinate human effort through smart contract execution using decentralized decision making on the community's protocols.
The primary cause of the attack was the ability of the hackers to exploit the flaw in the DAO smart contract using a reentrancy attack.
In a reentrancy attack, an attacker's contract repeatedly calls back into a vulnerable contract before that contract has finished updating its state, forcing it into a loop of nested calls and allowing the attacker to drain the contract's funds or interfere with its operation.
In this case, the attacker was able to repeatedly invoke a contract function, allowing them to transfer funds from the DAO to a child DAO.
On April 30, 2016, the DAO was launched, beginning with a token sale that distributed DAO tokens in exchange for ETH.
The DAO raised $150 million from 11,000 investors in three weeks of the 28-day token sale, making it one of the largest crowdsourcing initiatives in history.
During the event, suspicions were growing that a vulnerability in The DAO's wallet smart contract could be used to drain its funds.
Attack Event:
While the developers were trying to address the issue, an attacker started to exploit the vulnerability to steal funds from The DAO.
The DAO contracts held almost 14% of the ETH in circulation at the time of the incident, so the hack not only caused investors a substantial financial loss but also had severe ramifications for the Ethereum community.
The hacker stole 31% of the ETH in The DAO, totaling 3.64 million ETH, or around 5% of all outstanding ETH at the time.
To put things into perspective, the hacked amount was worth $70 million at the time of this event, and at the current trading price of $1,268 per ETH, the 3.64 million ETH are worth around $4.61 billion, while at its all-time high price of $4,891, the same were worth $17.8 billion.
Remedy:
Vitalik Buterin initially suggested a soft fork of the Ethereum network that would blacklist the attacker and forbid them from moving the stolen funds.
However, shortly after receiving this notice, the attacker published an open letter to the Ethereum community, claiming that the funds were obtained legally and in accordance with the rules outlined in the smart contract.
A bug was found in the updated code that made it vulnerable to attack, at which point a hard fork was suggested as a fix and eventually carried through.
Implementation:
The Ethereum hard fork was implemented on July 20, 2016, at block 192,000, when miners, exchanges, and node operators agreed to update their software following the execution by Ethereum developers.
Blockchains are meant to be immutable and censorship-proof. The cost of decentralized tamper resistance is that a truly trustless and tamper-resistant system would require no intervention, even if the consequences were severe.
However, the hard fork allowed investors to withdraw their funds and reset the Ethereum network's history to before The DAO hack, which resulted in the redistribution of The DAO's ETH to another smart contract.
The modification led to the creation of two distinct Ethereum blockchains: the pre-forked version, now known as Ethereum Classic (ETC), which continued to be used by people who rejected the hard fork, and Ethereum, which is currently the hard forked upgrade of its original version.
Attack - Explained:
The reentrancy attack takes advantage of the way fallback functions operate. Fallback functions are unique Solidity constructs that are activated in particular circumstances.
The fallback can be triggered when ETH is sent to its enclosing contract with no accompanying calldata and no receive function is declared. In that case the fallback must be marked payable in order to receive the ETH. A fallback function may also contain arbitrary logic.
The DAO's smart contract kept track of each investor's investment in The DAO via a state variable called “Balances”. This is clearly different from the ETH balance of the smart contract, which is not stored in a state variable.
The hacker set up a smart contract that acted as the investor, depositing some ETH into The DAO. This gave the hacker the ability to subsequently invoke the withdraw function in The DAO's smart contract.
The DAO's contract transferred ETH to the hacker when the withdraw function eventually got called.
However, the hacker's smart contract purposefully lacked a receive function; as a result, its fallback function was activated when it received ETH from the withdraw request. This fallback could have been empty and still received the ETH, but instead it contained malicious code.
This code, immediately upon execution, called the withdraw function of The DAO's smart contract again. Because the initial call to withdraw was still running at that point, this started a loop of nested calls.
The outer withdraw call could only finish once the hacker contract's fallback function completed, but the fallback had already re-called withdraw, initiating a cycle of calls between the hacker contract and The DAO's smart contract.
Each time the withdraw function was invoked, The DAO's smart contract attempted to send the hacker ETH equal to the hacker's deposit. However, it did not alter the hacker's recorded balance until after the ETH transfer had completed.
The ETH transfer, in turn, could not complete until the hacker's fallback code had finished executing. Therefore The DAO's contract kept supplying more and more ETH to the hacker without ever decrementing the hacker's balance, ultimately draining The DAO's funds.
As a result of the hard fork, the hacker was left with Ethereum Classic instead of ETH. After the heist, the perpetrator made an effort to obscure some of their actions by transferring funds through the privacy mixer Wasabi Wallet.
Thanks to a tool created by Chainalysis that de-mixed these transactions, researchers were able to identify the exchanges that subsequently received the stolen funds from accounts allegedly managed by Toby Hoenisch, co-founder and chief financial officer of the Euro-pegged stablecoin project Mimo Capital.
The simplest way to mitigate the reentrancy attack in this situation would have been to flip the order of operations in The DAO's withdraw function so that the caller's balance is adjusted before the contract sends them their ETH via an external call. When the hacker's fallback then attempted to reenter withdraw, the hacker's balance would already have been reduced, so the require validation would fail and revert the nested call. The outer call would receive a response indicating that the withdrawal of the sender's balance had failed as a result of the revert.
Neptune Mutual safeguards the Ethereum community from cyber threats, but we were not available as a marketplace at the time of the event, thus users and investors who were victims of The DAO hack probably had no way of recovering their funds. We may not have been able to prevent this hack from occurring, but we could have reduced or mitigated the aftermath of the attack. Through our parametric policies, we offer coverage to users who have suffered a loss of funds or digital assets as a result of smart contract vulnerabilities.
Users who would have then purchased the available parametric cover policy for The DAO need not provide loss evidence in order to receive their payout. Payouts would have been made as soon as this type of incident was resolved through our governance system.
Neptune Mutual's security team would also have evaluated the platform for DNS and web-based security, frontend and backend security, intrusion detection and prevention, and other security considerations.