EthereansOS
Published in

EthereansOS

The White Hat Rug Pull — Your ETH, USDC and OS Are Safe — All Is Well

We discovered a critical bug in the Items v2 protocol.

We have already taken the steps required to secure it from exploitation by any black hat actors. However, the steps we had to take were fairly drastic, and holders, farmers and liquidity providers of $OS must take action.

Having said that, there is no urgency, funds are safe and there is no rush to act.

Ale is currently live on YouTube, explaining things and answering questions:

White Hat Rug Pull

Your ETH, USDC and OS are safe.

The exploit would have allowed a bad-faith actor to mint infinite $OS, which they then would have proceeded to dump in the open OS pools — the OS-USDC and OS-ETH pools in Uniswap v3, and the OS-ETH one in Uniswap v2.

There was no way to simply fix the bug and prevent such an attack.

Our only option was to carry out the attack ourselves.

We used the exploit to mint enough $OS, and sold it for all the ETH and USDC in those pools…

Claim Your USDC and ETH

… and now, we can redistribute all that ETH and USDC back to their rightful owners, at no loss.

To do this fairly and precisely, we took a snapshot just before we carried out the manoeuvre; however much ETH or USDC you had in one of those three pools at block 13506003 is how much you’ll be able to claim back.

This applies regardless of whether you staked via the Covenants farm or if you provided liquidity directly in Uniswap.

You can now claim your ETH and USDC here:
https://os.ethos.eth.link

Additionally, we are helping compensate you for the gas fees you’ll have to pay to claim your tokens.

If you had $OS and ETH staked in the Covenants farm, you’ll receive a bonus 0.15 ETH when you claim.

Claim Your New $OS

As mentioned above, it wasn’t possible to simply patch the exploit. We had to deploy an entirely new iteration of the Items v2 protocol.

And because $OS is the first and only Item v2, we also had to deploy and mint an entirely new $OS.

The snapshot discussed above also recorded how much $OS each wallet held or had pooled with ETH or USDC (directly or through the Covenants farm). However much you do / did is how much of the new $OS you can now claim.

You can now claim your new $OS here:
https://os.ethos.eth.link

We will help compensate you for the gas fee by giving every wallet that held at least 20 $OS at the time of the snapshot a bonus 0.02 ETH.

A farm for the New $OS, which pick up precisely where the old one left off, is here:
https://covenants.eth.link/#/farm/dapp/0x1f40DA07D23FB4c71a4268cD05828436Bfb261B4

The Silver Lining

Every problem is an opportunity. In deploying a new Items protocol, we were able to not only fix the bug, but also push through a few upgrades.

One was for decimals management. This makes it much easier for platforms like OpenSea and Rarible to correctly display the decimals for Item supplies. Basically, decimals of the Main Interface are now identical to most ERC1155 tokens.

Another introduces granularity to how Collections can be governed by hosts. Whereas before you could only have one host to govern a Collection, you can now have one to govern its metadata; another to mint new Items; another to transfer Items; another to burn Items; and another to move Items to different Collections.

There’s more to it, but you’ll be able to read everything in the documentation — which, despite what has happened, we’ll still release on November 1st.

Concluding Remarks

A different protocol was hacked yesterday, by a black hat, resulting in the loss of over $100 million.

We hope that our community will recognize how well we’ve handled this crisis. Once everyone has claimed their tokens and whole again, things will effectively be as they were before. No one will have lost any OS, ETH or USDC.

Nevertheless, we do understand that this is frustrating — to say the least. It is for us too. All of us are excited and anxious for E-Day, and it’s shit to have to endure something like this when we’re so close. But — it’s a minor setback.

In fact, it isn’t really a setback at all; we continue apace on our road map, and E-Day is not delayed. 21/11/21 is just a few weeks away.

We’re almost there.

Some Things to Note

New $OS Contract Address
0x6100dd79fCAA88420750DceE3F735d168aBcB771

New $OS Name
Ethereans (OS)

~The CoinGecko, Etherscan, Trust Wallet, CMC pages etc. will be updated to the new $OS as soon as possible — you can help us by spreading the word.

~The ETH being used to compensate people for gas fees is being taken from both the EthOS public treasury and the NERV treasury.

~As an incidental demonstration of dynamic metadata, the metadata of the old $OS will be modified, so as not to confuse people.

New $OS Card

New $OS Logo by Valemostro

--

--

--

The main blog of EthOS

Recommended from Medium

Why Cybersecurity Should Be Top of Mind for Every Digital Health Entrepreneur

Spores’ Marketplace Testnet & Bug Bounty Program

One Password to Rule Them All

How To Setup a Linksys Smart WiFi Via Linksyssmartwifi.com

How to create DKIM keys and use them with PhpMailer

THM: Bounty Hacker

Magic Planeswalker 2012 Patch

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
C D

C D

More from Medium

IOTA Token Value.

Cook Finance at the DCentral Miami Conference

Flare Finance Stability pools

ENDED — Winner in update— CertHum Announces 500 GLMR Giveaway