One of Coinbase’s new Layer two, Base projects, dubbed RocketSwap Labs’ has described its emergency plan to recover from a brute force hack that on August 14 stole $865,000 or 471 Ether from the protocol.
On August 15, the team announced its plans to, among other things, re-deploy a new farm contract, open-source it on-chain, give up minting rights (probably for RCKT), and soon demand the recovery of the assets from the hackers:
According to blockchain security company PeckShield , on August 14, a hacker stole about 471 ETH and crossed it from Base to Ethereum.
The exploiter then produced the 90 trillion “LoveRCKT” tokens and sent them, along with 400 ETH, to Uniswap, according to the statement.
On August 14 at 11:06 UTC, RocketSwap Labs validated the information. A few hours later, PeckShield and another blockchain security company, CertiK, provided more information regarding the exploit.
According to RocketSwap Labs, a server brute force attack was discovered, and the farm contract’s proxy contract resulted in a number of high-risk permissions that allowed the assets of the farm to be transferred.
“To stop additional harm, we shut down the farm,” the company stated .
A server brute force attack is usually the attempt to decrypt or unlock a password-protected resource using every possible combination of the password’s characters. An attacker who has access to the resource that is encrypted but does not know the password performs this.
As a decentralized exchange on Base, RocketSwap intends to progressively transition to community ownership via a decentralized autonomous organization.
Coinbase told CCN that “given the permissionless and open nature of Base, we expect to see various types of projects built on the network. We encourage consumers to do their research diligently before participating in any dapp, on Base or any other chain, just as they would on the open internet.”
Since it began operations, the Base has had numerous problems. Leading Base blockchain decentralized exchange LeetSwap shut down trading after discovering a security flaw in their manufacturing facility, raising concerns about a possible pool liquidity breach.
The team decided to take a break so they could look into the problem more thoroughly. The seriousness of the current crisis was demonstrated by PeckShield’s claim that about 340 ETH had been stolen from Base’s liquidity pairings.
The value of the BALD memecoin significantly declined before LeetSwap’s trading halt. The developer of the token removed 6800 ETH, equivalent to almost $12.5 million, from the liquidity pools on LeetSwap, raising questions and adding to the problems the platform already had. This caused the meltdown.
Additionally, Coinbase is facing its own regulatory difficulties due to becoming the target of the US Securities and Exchange Commission (SEC). Except for Bitcoin trading, the Securities and Exchange Commission has ordered Coinbase to halt all cryptocurrency transactions. After contesting the regulatory body’s ruling, Coinbase launched a lawsuit against the exchange.
The Base community hopes for a time when a decentralized, autonomous organization will take control of the exchange while RocketSwap Labs navigates this turbulent time. This forward-thinking strategy embraces the idea of community-owned decentralization and creates a way out of the chaos brought on by breaches.
The bold response from RocketSwap Labs denotes a special effort to recapture stability and control inside the decentralized finance ecosystem in a context full of difficulties and uncertainty. The crypto community is excited and hopeful about the upcoming chapters of this story because they promise innovation and resiliency.