The hacker accountable for the $48 million KyberSwap heist has escalated their calls for, now in search of full govt management over the decentralized change (DEX).
The hacker revealed the up to date calls for in an on-chain message despatched on Nov. 30.
They’d beforehand expressed willingness to barter a bounty however complained of receiving threats and a common lack of friendliness from KyberSwap’s govt crew on Nov. 28.
The hacker’s newest calls for embrace complete management of KyberSwap and non permanent and full possession of KyberDAO, the platform’s governance mechanism. Moreover, they’re asking for all paperwork associated to the corporate’s construction, earnings, income, property, liabilities, and worker salaries. The attacker additionally insists on receiving all KyberSwap property, encompassing each on-chain and off-chain holdings.
In return, the hacker guarantees to purchase out the corporate’s executives at a “honest valuation” and pledges to double the salaries of staff who select to stay post-takeover. These opting to depart are supplied a 12-month severance package deal.
The message additionally outlines plans for a “full makeover” of the Kyber undertaking, aiming to extend the worth of its tokens, which the hacker at the moment deems “nugatory.” Liquidity suppliers (LPs) affected by the assault are promised a rebate equaling 50% of their latest market-making losses.
The hacker has set a deadline for the KyberSwap crew to fulfill these calls for by Dec. 10, or the provide turns into void. Moreover, any agent contact concerning the hacker’s trades on KyberSwap will nullify the proposed “treaty.”
The hacker’s unprecedented transfer has been met with a mixture of alarm and skepticism within the crypto neighborhood. It has additionally renewed debate across the safety of decentralized protocols and the best way to enhance them.
KyberSwap has but to reply
The DEX’s management crew has not but responded publicly to the hacker’s newest message.
KyberSwap initially supplied a bounty deal, proposing the hacker return 90% of the stolen funds and maintain the remaining 10%. Nonetheless, following the hacker’s lack of quick compliance, KyberSwap threatened authorized motion and claimed to have the exploiter’s digital footprints for monitoring.
The DEX additionally introduced plans for a public bounty program to encourage data resulting in the hacker’s arrest and the restoration of person funds.
From the $46 million stolen, KyberSwap has managed to get better $4.67 million, attributed to actions by operators of front-running bots on the Polygon and Avalanche networks.
The exploit, described as an “infinite cash glitch” by decentralized finance professional Doug Colkitt, was a posh sensible contract exploit throughout a number of networks, together with Avalanche, Polygon, Ethereum, Arbitrum, Optimism, and Base.