On August 7th, 2023, an attacker exploited cypher’s primary contract by uncovering bugs related to mechanisms involving isolated margin sub accounts. This allowed them to withdraw more funds than initially deposited, leaving the system with bad debt. Link to post-mortem can be found here.
In total, the following assets were stolen by the attacker:
149,205.1138 USDC
15,452.0041 SOL
14,675.33926 jitoSOL
8,749.911376 mSOL
0.9987616 wETH
1 BONK
1 UXD
1 ORCA
Our number 1 goal is the recovery of the stolen funds and making users whole. We’ve worked tirelessly with entities across Solana and the broader crypto ecosystem to pinpoint wallets connected to the theft. We're in dialogue with associated cryptocurrency exchanges and authorities.
User trust is paramount. As part of our commitment, We've organized a parallel effort to make sure users' losses are minimized. Cypher will expedite the IDO, initially planned for the end of September. This decision, beyond just addressing the current challenges, showcases our dedication to our community and our agility to prioritize our community’s needs. The primary aim of this advanced IDO is to strengthen our platform's financial foundation and compensate those affected by the incident. Your support has been invaluable, and we'll continue to provide regular updates.
Before initiating the IDO, Cypher will transition funds from the existing smart contract to a new one. This facilitates the process for impacted users to claim their designated redemption packages. The distribution will be based on a pro-rata share determined from a snapshot at the point when the protocol was frozen.
Restoration: First and foremost priority is to ensure that affected users are compensated fully.
Reinforcement: Funds raised will also be channeled towards fortifying our platform's security and infrastructure.
Resilience: By moving ahead with the IDO, we aim to send a clear message: Cypher is here to stay, evolve, and thrive, no matter the challenges.
Socializing losses and redeeming funds: A pro rata redemption package of current assets in the Cypher protocol, redeemable by wallets that associated to margin accounts on cypher.
Token launch — IDO: Funds from token launch will be used to sustain protocol development, pay for audits to relaunch the protocol, and initiate a treasury for the protocol.
Returning funds: The protocol’s continued development and success will be used to make users impacted by the exploit whole over time. A debt token will be airdropped to impacted users at time of IDO that will be redeemable for USDC via protocol activity.