Here's how Defrost Finance plans to refund users following $12M hack
After recovering the funds lost in a recent flash loan exploit, decentralized leverage-trading platform Defrost Finance is planning to return the funds to their rightful owners, according to a new announcement.
In a Medium post, Defrost highlighted that it will soon be refunding the assets to their original holders and will be following a specific process. The process includes converting all Ether (ETH) into stablecoins, like DAI, at the on-chain market rate. Then, all stablecoins will be transferred from the Ethereum blockchain into Avalanche.
Apart from these, the team will also be conducting a scan of on-chain data to find out “who owned what” before the attack. After completing the scan work, the Defrost team mentioned that they will be releasing the data to the public.
After everything is completed, the team will be deploying a smart contract that will allow users to reclaim their assets which are already converted into stablecoins back to their original wallet addresses.
Meanwhile, after the exploit, security firms alleged that the project may have run away with user funds. Blockchain security firm CertiK described the recent exploit as an "exit scam" and said that they have attempted to contact the team without getting any responses. On the other hand, blockchain analytics firm PeckShield also issued a warning to the community, describing the project as a "rug pull" and estimated the losses to be around $12 million.
Related: Hackers drain $8M in assets from Bitkeep wallets in latest DeFi exploit
On Dec. 21, decentralized exchange Raydium also announced details of its proposed compensation plan for victims of a recent exploit because of a vulnerability in the platform's code. According to its team, the hackers were able to get away with $2 million worth of digital assets with the attack.
On the same day, Ankr protocol was able to determine the details of the exploit that caused a $5 million loss within the platform. According to the team, there was a point of failure in their developer key. Because of this, the team will be implementing multi-sig authentication that will require signatures from key custodians.