TL;DR#
- Rarible has announced a marketplace builder for Polygon based NFTs.
- Yves Saint Laurent has filed trademark applications for NFT and Metaverse.
- University Of Singapore has invented VR Glove to level up user experience in the metaverse.
NFTs and Metaverse have continued to attract institutions, public figures and brands despite facing an extended bear
market. These digital assets are likely to play a significant role in the next wave of change across many industries,
including art, games, music, and fashion, as they combine the fascinating worlds of virtual reality (VR), the
interactive immersive experience, the interconnected participation of social media, and the lucrative trading of
cryptocurrencies.
Blockchain Hacks#
Midas Capital was exploited by a hacker due to read-only reentrancy issue, causing a loss of assets worth 663,101
MATIC amounting to over $660,000. The team had listed the WMATIC-stMATIC Curve LP token on their platform, which was
manipulated by means of a flash loan from Balancer V2, AAVE V3, and AAVE V2, allowing the attacker to inflate the LP
token price and borrow against it. The attacker used 270,000 $WMATIC in collateral to mint about 131,000 jFIAT tokens.
After a series of price changes, the attacker created a new contract and utilized 1/10 of the borrowed amount to
liquidate the debt and redeem 103,000 jFIAT tokens. When the supplied liquidity was removed from Curve, the hacker
triggered a callback that allowed them to borrow assets at an inaccurate price of the Curve LP in Midas Capital,
increasing their collateral by tenfold. In
this blog, we have provided a detailed analysis of the exploit.
The OMNI Real Estate project (ORT Token) on the BNB chain was attacked owing to a smart contract vulnerability, after
which the hacker gained 236 BNB, worth approximately $70,705. The vulnerability occurred due to the existence of a
flaw in their StakingPool Contract, which did not have adequate parameter validation. When the attacker called the
invest function of the contract the end date value was set to 0, which effectively passed the contract’s verification.
The attacker thus invested 1 Wei and then invoked the withdraw function to withdraw ORT token rewards. These
operations were repeated to earn profit. The ORT tokens were later swapped to BNB for profits. The detailed analysis
of the exploit can be found in our blog
here.
A flash loan attack on Upswing Finance resulted in the loss of approximately 22.58 ETH, worth $35,800. The attack
occurred owing to the design flaw of UPStkn token, which allowed the hacker to manipulate its price in the liquidity
pool. The UPStkn token would be accumulated when transferring, specifically if the receiving address is a pair
address. If the receiver is a UNI pool, the amount of UPStkn token in the pool will be burned, which will alter the
pool pricing and provide the hacker an opportunity to make profit from it. The attacker utilized about 18 swaps to
lift UPStkn token selling pressure, exchanging 1.31 ETH for 136,299.97 UPStkn tokens, then transferred 0 UPStkn tokens
to himself to trigger the release Pressure, which burned the LP's 573,300.39 UPStkn tokens in order to increase
the price of UPStkn. The attacker then sold the earlier obtained 136,299.97 UPStkn for a profit of 22.589 ETH after
manipulating the token price. We have provided a detailed analysis of the exploit in this blog.
Thoreum Finance was hacked as a result of smart contract vulnerability, causing the protocol to lose approximately
2260 BNB worth $580,000. The vulnerability occurred due to an incorrect implementation of the transfer function in
their contract, in which if a wallet sent funds to itself, the amount of tokens in the wallet would be increased by as
much as the sent amount. The attacker deposited BNB in order to obtain WBNB tokens, utilized a function of the
contract to mint THOREUM tokens, swapped everything on BiSwap, and finally transferred the tokens to themselves. When
an exploiter-deployed contract performed a transfer call to itself, its balance grew as a result of the vulnerable
logic in the transfer function. This procedure was repeated several times after which the contract held more than
500,000 THOREUM tokens, which were converted to WBNB and laundered to Tornado Cash. A detailed analysis of the exploit
can be checked in this
blog.
According to Beosin, the FFF token was a rug pull, in which funds worth $648,000 were
siphoned off. The creator of First Free Finance minted a large amount of FFF tokens then ultimately sold them.
Rarible, a leading NFT marketplace, has announced the availability of a marketplace builder for Polygon-based NFT collections. With this
advancements, Polygon creators may engage with and extend their networks in entirely new ways. The marketplace builder
requires no coding knowledge to use and does not charge any additional fees for any
activity. Users will also be able to mint NFTs and construct personalized storefronts on Polygon. It also has an
aggregation function, which allows users to access collections from other major secondary markets.
Yves Saint Laurent, the French luxury fashion house, has filed trademark applications for its name and logo to be
used in the metaverse and in the NFT space. This news follows a tweet from Mike Kondoudis, a registered trademark attorney with the United
States Patent and Trademark Office (USPTO). Makeup, skin care, and facial care preparations, for example, will be
available for use in virtual worlds and the metaverse. The trademark also include the provision of digital multimedia
content that will be authenticated through the use of NFTs. The files include fragrance, toiletry, and
cosmetics-related artwork, text, audio, and video. In addition, the trademark filings suggest providing a Yves Saint
Laurent online retail store with virtual goods.
The University of Singapore has developed a virtual reality glove that allows you to
feel objects in the metaverse. The procedure includes pressured fingertips and restricted motion to simulate the
sensation of picking up objects in real life. The purpose is to let medical personnel practice in Virtual Reality,
such as grasping surgical instruments or checking a patient's pulse. The VR glove is a significant leap in
wearable technology because it is a completely untethered haptic system. With this superfast feedback loop, the glove
interacts with the metaverse in nearly real-time, with minimal lag for users. Furthermore, the gloves are lighter and
less expensive than those currently on the market.
OnChain Insurance Industry News#
Neptune Mutual announced that the underwriting capital for the Binance Exchange cover pool and Curve Finance V2 were
fully utilized, and encouraged new LPs to contribute to the liquidity to the pool to benefit from the relatively high
LP returns resulting from the high utilization.
Additionally, Neptune Mutual announced the launch of “Popular DeFi Apps”, a new diversified cover pool that's
been created and funded by one of their partners. One Inch, Sushiswap, Compound, Uniswap V3, Convex Finance, GMX,
dYdX, AAVE V3, and Bancor are among the companies in the cover portfolio.
Nexus Mutual has scheduled the release of V2 of their protocol for the first week of February. Among the protocol
enhancements are tokenized cover features and tracking of key metrics.
InsurAce Protocol has released their 2023 roadmap, which focuses on increasing revenues, launching new products, and
developing the Crypto Deposit Insurance Scheme (CDIS).
