The hacker answerable for the $48 million KyberSwap heist has escalated their calls for, now looking for full govt management over the decentralized trade (DEX).
The hacker revealed the up to date calls for in an on-chain message despatched on Nov. 30.
That they had beforehand expressed willingness to barter a bounty however complained of receiving threats and a common lack of friendliness from KyberSwap’s govt crew on Nov. 28.
Full takeover
The hacker’s newest calls for embody complete management of KyberSwap and momentary and full possession of KyberDAO, the platform’s governance mechanism. Moreover, they’re asking for all paperwork associated to the corporate’s construction, earnings, income, belongings, liabilities, and worker salaries. The attacker additionally insists on receiving all KyberSwap belongings, encompassing each on-chain and off-chain holdings.
In return, the hacker guarantees to purchase out the corporate’s executives at a “truthful valuation” and pledges to double the salaries of staff who select to stay post-takeover. These opting to go away are supplied a 12-month severance bundle.
The message additionally outlines plans for a “full makeover” of the Kyber undertaking, aiming to extend the worth of its tokens, which the hacker at the moment deems “nugatory.” Liquidity suppliers (LPs) affected by the assault are promised a rebate equaling 50% of their latest market-making losses.
The hacker has set a deadline for the KyberSwap crew to satisfy these calls for by Dec. 10, or the provide turns into void. Moreover, any agent contact relating to the hacker’s trades on KyberSwap will nullify the proposed “treaty.”
The hacker’s unprecedented transfer has been met with a mixture of alarm and skepticism within the crypto neighborhood. It has additionally renewed debate across the safety of decentralized protocols and the best way to enhance them.
KyberSwap has but to reply
The DEX’s management crew has not but responded publicly to the hacker’s newest message.
KyberSwap initially supplied a bounty deal, proposing the hacker return 90% of the stolen funds and maintain the remaining 10%. Nonetheless, following the hacker’s lack of speedy compliance, KyberSwap threatened authorized motion and claimed to have the exploiter’s digital footprints for monitoring.
The DEX additionally introduced plans for a public bounty program to encourage data resulting in the hacker’s arrest and the restoration of consumer funds.
From the $46 million stolen, KyberSwap has managed to get well $4.67 million, attributed to actions by operators of front-running bots on the Polygon and Avalanche networks.
The exploit, described as an “infinite cash glitch” by decentralized finance professional Doug Colkitt, was a fancy good contract exploit throughout a number of networks, together with Avalanche, Polygon, Ethereum, Arbitrum, Optimism, and Base.
