Security Update: Staking Contract Issue Fixed
Over the last 12 hours YfDFI Finance has sadly fallen victim to what was evidently a coordinated fud attempt, specifically relating to a line of code in our staking contract. The general premise of the FUD attack was that a section of the staking contract code gave a right to the owner of the staking contract to withdraw tokens from the contract to their own wallet. The people who cowardly attacked us in the middle of Christmas Eve didn’t even give us the chance to check the code before calling us “scammers” in public.
However, we did discover a line of code dedicated to withdrawing other ERC-20 tokens sent in the contract by mistake, according to the developer’s comment.
Despite the FUD attack occurring late in the evening on Christmas Eve (or Christmas Day for some of us within the community), YfDFI admins immediately made contact with dev team to amend the issues raised within the code.
To avoid any misunderstanding or suspicion, this amendment has now been made. The ownership has been transferred to the contract itself (Tx: https://etherscan.io/tx/0xd9e83ad99751c0a6962ff426f0411a1d15979c98325a428b4b568ebd1f5b05cd — you just have to click on “Click to see More” to view the transaction details) rather than the contract creator and therefore no tokens can now be withdrawn by the developer (even other ERC-20 tokens sent by mistake, so be cautious).
You can also verify it by clicking on the event tab in the contract section. Further, you can clearly see there that the previous owner wallet address has been transferred to the ownership of the contract itself.
YfDFI Finance would like to reiterate that all funds are still completely safe. Hacken are currently undertaking an audit of the staking contract and will be releasing the report shortly.
YfDFI Finance continues to deliver constantly — Farming is still scheduled to begin before EOY 2020 where liquidity providers will be earning a great APY. Cover protocol collaboration is now active, providing levels of insurance to those who are staking and will be farming $YFD. Ferrum Staking Event will soon be released. Governance, Swap and DEX scheduled for Q1 2021. Insurance and ventures lined up for release Q2 2021.
Full transparency is the motto and once again full transparency has been delivered.
End of Story — Let’s Go Back to Work!
