QiDAO today announced an exploit in the network claiming all the funds are safe, but the situation is still worrying investors. This platform uses Superfluid code, and the exploit is also announced by that team. There are still some maintenance and repairs going on, but it can be a red flag for stablecoin users on Polygon.
Investors Worried About Their Funds
Exploiting blockchain platforms isn’t something new. The latest news about exploits on QiDAO is another example. But it can be very worrying for Polygon and Superfluid users.
QiDAO admits the exploit but claims the funds are safe, saying:
1/2
Quick Update. We're still assessing the situation.
– We can confirm that all funds in QiDao are safe.
– No user funds have been affected.
– We're aware there are other tokens affected.
– We'll update the community when we learn more.
– Qi bridging is temporarily paused.— Qi Dao (@QiDaoProtocol) February 8, 2022
“Quick Update. We’re still assessing the situation.
– We can confirm that all funds in QiDao are safe.
– No user funds have been affected.
– We’re aware there are other tokens affected.
– We’ll update the community when we learn more.
– Qi bridging is temporarily paused.”
It appears to be The hackers behind the attack were able to escape with $20 million worth of tokens. Based on early research, it appeared that the stolen cash belonged to some of the project’s early investors and that the monies contained team vested tokens.
The hackers responsible for the incident began dumping stolen QiDAO on the Quickswap DEX with heavy slippage, causing the price of the governance token to plummet by more than half of about 65 percent.
Traders took advantage of the opportunity to buy the dip, which has already assisted the governance token in rising to $0.6 after plunging below $0.18 earlier this year. It’s somehow clear now that the exploit was carried out by exploiting a weakness in Superfluid and that QiDAO was not used in the attack.
As mentioned above, Superfluid admitted the exploit, saying:
Today at 6.48am GMT we were notified of a potential exploit of the QiDAO vesting contract that leverages Superfluid code. We are investigating the incident and will keep you updated in this thread and our Discord server.
— Superfluid (@Superfluid_HQ) February 8, 2022
“Today at 6.48 am GMT, we were notified of a potential exploit of the QiDAO vesting contract that leverages Superfluid code. We are investigating the incident and will keep you updated in this thread and our Discord server.”
The reaction of QiDAO to the exploit is the essential element of the story. QiDAO has temporarily halted its bridge as a result of the exploit and wanted to have the problem resolved as soon as possible.
Polygons’ $450 million fundraise ended within 24 hours of the exploit being discovered; however, the community responded with overwhelming support for the native stablecoin protocol, emphasizing that the exploit was caused by a third-party vulnerability rather than a flaw in the stablecoin protocol itself.
