The second-largest decentralized exchange on the newly released Base blockchain – RocketSwap – announced eliminating any existing high risks and vulnerabilities a day after sustaining a “brute force hack of the server” where the platform stored its private keys.
The RocketSwap team confirmed relinquishing minting rights, which is part of its recovery plan. In a new update, the protocol said it has retained only low-risk rights to allocate new pools. The locked initial liquidity and 80k tokens, on the other hand, have been extended for 1 year.
- On August 14th, hackers stole $865,000 or 471 Ether from RocketSwap and bridged it from Base to Ethereum, which was flagged by blockchain security expert, PeckShield.
- The entity behind the attack then generated 90 trillion tokens named “LoveRCKT” and proceeded to move them to Uniswap, along with 400 ETH.
- The platform’s official statement on the attack read,
“A brute force hack of the server was detected. Due to the proxy contract linked to our farm contract, multiple high-risk permissions became vulnerable. This resulted in the unauthorized transfer of the farm’s assets. Immediate steps were taken to shut down the farm and halt further potential risks.”
- The breach prompted RocketSwap to redeploy a new farm contract by dropping the proxy contract and open-sourcing it on-chain. As part of the emergency program, the DEX announced a new farm in a bid to advance the production reduction plan by 0.075 per block.
- Among other things, RocketSwap also revealed its intention to call on the hackers to return the assets.
- This was the second project on Coinbase-incubated layer 2 solutions, Base, to have suffered an attack.
- Earlier this month, another DEX on Base called LeetSwap was drained off 342.5 ETH.
