Skip to timeline

Web3 is Going Just Great

...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.

Created by Molly White. Subscribe to her newsletter for weekly recaps.

Start from the top

Per a court order, Oasis rewrites the rules for Jump Crypto to recover stolen assets

In a world where "code is law", crypto users don't necessarily expect that the smart contracts might change out from under them — particularly given contracts are often assumed to be immutable once they're deployed. However, for various reasons including the need to patch bugs in deployed contracts, some projects use upgradable smart contracts.

This decision was what allowed Jump Crypto to obtain a court order requiring the Oasis platform to "upgrade" a smart contract in such a way that Jump Crypto could remove stolen funds from where the hacker had placed them on the Oasis protocol. Oasis released a defensive statement, writing that their cooperation in the recovery was "only possible due to a previously unknown vulnerability in the design of the admin multisig access", and that "we will be making no further comment at this time". Oasis is a frontend for the MakerDAO project, which was originally started as part of MakerDAO but later spun into a separate entity, though it still appears to enjoy preferred status by MakerDAO.

The stolen funds in question were the proceeds of the February 2022 Wormhole bridge exploit, in which attackers stole 120,000 wETH (then ~$326 million; now $192 million). After the hack, Wormhole's parent company Jump Crypto plugged the hole left by the hack with their own funds. Since then, the attackers have been moving the funds throughout the cryptocurrency ecosystem, even taking out a highly-leveraged position on in Lido-staked Ether last month.

Ultimately, Jump was able to recover around $140 million via their "counter-exploit". While many celebrated the recovery, some were concerned about the precedent of a so-called defi platform changing a smart contract to remove funds from a wallet at the direction of a court. Some described the upgradability as a "backdoor". "If they'd do it for Jump, what does that say about possible coercion via state actors?" wrote one trader on Twitter.

Theme tags: Hmm, Law
Tech tags: DeFi

Sam Bankman-Fried indicted on four new charges in criminal case

Sam Bankman-Fried pictured from the shoulders upSam Bankman-Fried (attribution)
Sam Bankman-Fried, the founder and former CEO of the now-bankrupt FTX exchange, was already facing eight criminal charges for offenses including wire fraud, securities fraud, money laundering, and campaign finance violations. Now, US prosecutors have slapped him with four more charges including conspiracy to operate an unlicensed money-transmitting business and conspiracy to commit bank fraud.

The new indictment includes additional information about Bankman-Fried's alleged fraud. The indictment details SBF's attempts to circumvent due diligence by US banks by creating a fake company called North Dimension. Via North Dimension, SBF diverted funds to FTX, which was unable to get a bank account.

Bankman-Fried has entered a not guilty plea to the original eight charges, but has not yet entered a plea for the additional four.

These criminal charges add to securities fraud and other civil charges from the SEC, as well as civil charges out of the CFTC. Both civil cases have been stayed pending the outcome of the criminal case.

Theme tags: Law

Canadian regulators tighten rules for crypto exchanges

New guidance from the Canadian Securities Administrators requires any crypto asset trading platforms (CTPs) operating in Canada without formal registration to commit to "pre-registration undertakings". These require them to comply with expectations around crypto asset custody and segregation, prohibitions on margin or leverage trading, and a ban from allowing customers to purchase or deposit stablecoins without express permission from the CSA.

Platforms are expected to provide the pre-registration undertaking while working toward registration with Canadian regulators. Companies who don't comply with the new pre-registration requirements will have to close Canadian accounts and prohibit Canadian users from accessing their services.

Theme tags: Law

NBA star Paul Pierce to pay $1.4 million fine for shilling EthereumMax

Paul Pierce, standing on the court wearing a green sweatband and a Celtics jerseyPaul Pierce in 2008 (attribution)
In the second big-name slapdown from the SEC relating to the EthereumMax token, former Celtics player Paul Pierce has agreed to pay a $1.4 million fine to settle charges that he violated anti-touting provisions of federal securities laws.

Pierce had made posts on Twitter, including writing shortly after he was fired from ESPN that "ESPN I don't need you. I got EthereumMax. I made more money with this crypto in the past month than I did with y'all in a year. TRUTH shall set u Free". The SEC pointed out that although he had been given EMAX tokens prior to the post, they were priced at around $46,000, not nearly the more than $1 million he'd made at ESPN over the previous year. Pierce later made a post claiming that he held more than $2.5 million of EMAX tokens, but the SEC alleged in the lawsuit that "his own personal holdings were in fact far lower" and that Pierce had been provided the screenshot of another person's holdings.

In October 2022, Kim Kardashian paid $1.26 million to settle charges over touting the same cryptocurrency, a fairly unknown token that nevertheless splashed out heavily for influencer and celebrity promotion in what appears to be a pump-and-dump scheme.

Theme tags: Law, Shady business

SEC files fraud charges against fugitive Terra/Luna CEO, Do Kwon

Portrait of Do KwonDo Kwon (attribution)
The U.S. Securities and Exchange Commission filed charges against Terraform Labs and its CEO, Do Kwon, relating to the May 2022 collapse of the Terra/Luna projects. The complaint accuses Terraform and Kwon of offering unregistered securities and of fraud, and the SEC wrote in a press release that Kwon and the company "orchestrat[ed] a multi-billion dollar crypto asset securities fraud".

According to the SEC, Kwon "repeatedly misled and deceived investors" about the characteristics and stability of Terra and Luna, and tricked investors into believing that a popular Korean mobile payments platform used the Terra blockchain.

Kwon has been on the run from the law since Korean authorities filed a warrant for his arrest in September 2022. An Interpol red notice followed soon after. He is reportedly hiding out in Serbia, and Korean authorities reportedly traveled there in early February to hunt for him.

Theme tags: Law
Blockchain tags: Blockchain: Terra

Platypus Finance stablecoin exploited for $8.5 million ten days after launch

Platypus USD, a stablecoin issued by the Platypus Finance defi protocol, was exploited only ten days after it first launched. The loss was estimated to be around $8.5 million, although crypto researcher zachxbt observed that Tether had blacklisted the attacker contract shortly after the theft.

The exploit was a flash loan attack that allowed them to drain some protocol pools, also causing the stablecoin to lose its dollar peg and drop to around $0.48. A team member reported on the project's Discord that "all operations are paused until we get more clarity".

The following day, the project reported they had recovered $2.4 million of the stolen funds, and were working with crypto sleuth zachxbt, who had leads as to the hacker's identity. Later that month, Platypus announced that French police had arrested two suspects, who had tried to withdraw stolen funds through Binance — to whom they had submitted identification documents for KYC purposes.

Theme tags: Hack or scam, Law
Blockchain tags: Blockchain: Avalanche
Tech tags: DeFi, stablecoins

FDIC demands CEX.io stop claiming it's FDIC-insured

The FDIC is continuing its recent crackdown on exchanges claiming they're protected by FDIC insurance, issuing a cease-and-desist to CEX.io. CEX.io, like several other crypto companies including Voyager, FTX US, and Gemini, made claims referring to FDIC insurance that suggested that customer funds might be protected from issues at the company in a similar way that banking customers are protected from bank failures.

Many of these companies have taken the (true) statement that the company's insured depository accounts at various banking institutions are FDIC insured and presented it to customers in a misleading way, and the FDIC wants them to cut it out. The FDIC also demanded websites who published statements like "Is CEX.io Safe? Yes, Cex.io is a safe crypto exchange. Actually, one of the safest on the market since they are FDIC insured..." take them down.

CEX.io is a London-based cryptocurrency exchange with comparatively low trading volume compared to its larger competitors like Binance or Coinbase.

Theme tags: Law

South Korean authorities issue arrest warrant to CEO of Tmon e-commerce platform for shilling Terra

South Korean authorities have issued an arrest warrant for the former CEO of Tmon, a major Korean e-commerce platform. The allege that he was bribed with Luna tokens, which he exchanged for billions of won (worth around US$105 million), to promote Terra: the stablecoin in the Terra/Luna ecosystem.

Terra and Luna dramatically collapsed in May 2022, and South Korean authorities are still hunting for Terra leader Do Kwon, who is reportedly hiding in Serbia. Earlier this month, Korean authorities reportedly traveled to Serbia to try to locate him, but were unsuccessful.

Theme tags: Law
Blockchain tags: Blockchain: Terra

Paxos ordered to stop minting Binance USD stablecoin, SEC sends Wells notice

New York-based crypto company Paxos was ordered by the New York Department of Financial Services to stop minting the Binance USD (BUSD) stablecoin over "several unresolved issues related to Paxos' oversight of its relationship with Binance in regard to Paxos-issued BUSD".

Nearly simultaneously, the SEC sent a Wells notice to Paxos, informing them of imminent enforcement action. According to the Wall Street Journal, the SEC told Paxos they intended to sue the company for violating investor protection laws, and that the SEC believed Binance USD was an unregistered security.

Paxos agreed to stop minting new BUSD tokens (but will continue to honor redemptions), and said in a statement that they would be ending their stablecoin-minting relationship with Binance. As for the SEC, Paxos has promised to "vigorously litigate if necessary", arguing that BUSD is not a security.

Theme tags: Law
Blockchain tags: Blockchain: Ethereum
Tech tags: stablecoins

Paxos faces investigation over stablecoin offerings

CoinDesk reported that the New York Department of Financial Services is actively investigating Paxos, which issues both the Pax dollar (USDP) and the considerably larger Binance USD (BUSD) stablecoins.

It's not quite clear the extent of the NYDFS investigation, though it joins rumors (denied by Paxos) that they were also being investigated by the US Office of the Comptroller of the Currency (OCC), which regulates banks. Paxos has a provisional banking charter, which it received from the OCC in 2021. It also has a virtual currency license, which is issued by the NYDFS.

Theme tags: Law
Tech tags: stablecoins

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.