Weekly Report (Apr-17)
Yearn Finance, & Hundred Finance exploit. Canon, Adidas, and Mastercard web3 initiatives.
Playing the video that you've selected below in an iframe
Sony Music has filed a trademark application for NFT-authenticated music. LG to launch NFT market.
The metaverse can revolutionize the way we do business, hang out with friends, and even have fun at work. It might usher in a new golden age when we can revel in our uniqueness, pursue our passions, and reclaim ownership of our personal information. The ability to express our individuality, create unique objects, and see cultural events that were before only a fantasy are all within our reach in virtual worlds. Our physical locations once prevented us from attending beautiful exhibitions and performances, but the advent of the metaverse has removed limitations from all of these cases. Attending a concert by your favorite band or musician who is performing thousands of kilometers away will no longer be an issue.
DaoSwap was attacked for 580,000 USDT in an attack that allowed users to put the inviter’s address as themselves due to mining rewards that were larger than the fees charged during the swap process and lack of verification. The perpetrator borrowed USDT via several flash-loans. Then he exchanged some USDT for DAO and transferred it to an address believed to be utilized for prize distribution calculation. The attacker then repeatedly swapped USDT and DAO tokens by invoking the contract to issue the reward to himself.
An attacker was able to deploy a custom smart contract at Nereus Finance that utilized a $51 million flash loan to manipulate the AVAX/USDC Trader Joe LP pool price for a single block, allowing the exploiter to mint 998,000 NXUSD against $508k in collateral. The team subsequently notified the community about the problem via its Discord-based channels, which was picked up by numerous onchain analysis groups, who reported the flash loan exploit as resulting in a $371k profit for the attacker. They also neutralized the exploit by liquidating and stopping the abused JLP market. The exploit was purportedly created by a missed step in the price calculation, which lacked a time-weighted average price mechanism to prevent the manipulation of a single block.
A private key leak compromised the security of the GERA token, resulting in a loss of $1,480,000. Hackers moved ownership of the smart contract deployer for the GERA token to a different address. The hacker then created two further smart contracts, minted 2,179,340,915.1246 GERA on the Ethereum network, and transmitted 110,000,000 GERA to decentralized exchanges. Additionally, they minted a total of 275,900,000 GERA on the Binance network and distributed 80,543,200 GERA. Consequently, they dumped GERA on decentralized platforms and moved it to centralized exchanges. The team has contacted exchanges to temporarily suspend trading, deposits, and withdrawals of the GERA token.
The New Free Dao project on the BSC chain was subject to a flash loan assault, resulting in a loss of around $1.25 million in asset value. The primary cause of this attack is that the method of computing incentives in the contract is very simplistic and solely dependent on the caller's balance, leading to arbitrage through flash loans. The attacker borrowed a significant amount of $WBNB from Pancake via a flashloan, swapped it for $NFD tokens, and then transferred the $NFD tokens to the attack contract, which then created a second attack contract to accept the funds. The latter contract calls on one of the functions in the hacked contract, which is not open source. By decompiling the contract, it is revealed that the function merely calculates and transfers the incentive based on the caller's NFD token balance. In such a fashion, the higher the balance, the higher the reward would be. The exploiter later converted the NFD tokens to WBNB via PancakeSwap, refunded the flashloan, and kept a total profit of 4,481 $WBNB tokens.
Sony Music Entertainment, the American music giant, has indicated its intention to use NFTs by filing a trademark application covering music and artists under the Columbia Records logo. The trademark application filed with the United States Patent and Trademark Office (USPTO) covers audio and video recordings of live musical performances authenticated by NFTs. The application also covers marketing services, promotion, distribution, marketing, advertising, and online entertainment, including podcasts and audiovisual recordings.
Leading fashion businesses have expanded their horizons beyond the bounds of conventional design to investigate novel fashion ideas and technology, such as the use of NFTs and the exploration of the Metaverse and augmented reality. Wrangler Jeans, a renowned denim fashion brand, has teamed up with the successful PFP NFT venture Deadfellaz. Deadfellaz announced the collaboration on Twitter, which would bring Web2 and Web3 together. They also promised a contest to kick off the cooperation. Competing as a team is a Deadfellaz staple, and this competition gives fans the chance to do so while also earning digital and tangible rewards. A request to "stay tuned for further info" follows in the tweet.
The South Korean electronics company LG has launched its own new NFT marketplace, named LG Art Labs, to all US LG television users running webOS 5.0, becoming the nation's second-largest television manufacturer to do so. People can purchase, sell, and trade NFTs from the comfort of their homes thanks to the marketplace, which is available from the LG home screen. Wallypto, LG's in-app cryptocurrency wallet created by the Hedera network, manages transactions on LG Art Labs.
Bridge Mutual has added support for the Polygon network. Users of their platform can now purchase coverage for their Polygon protocols.
Insurace Protocol has been listed on PancakeSwap. Users on the BNB-Chain ecosystem can now seamlessly purchase native $INSUR tokens.