SIR.trading Begs Hacker to Return Stolen Funds or Risk Collapse

A day after the decentralized finance protocol SIR.trading was hacked for $355,000, its founder, the pseudonymous user "Xatarrer," issued an emotional plea to the attacker, urging them to return a significant portion of the stolen funds. The theft has left the protocol on the brink of collapse, with Xatarrer warning that without the recovery of approximately 70% of the stolen customer funds, SIR.trading will not survive.

Xatarrer made the plea in a March 31 onchain message to the attacker, proposing a deal in which the attacker keeps $100,000 as a "fair share" for their critical bug find and returns the remaining amount. The founder emphasized that he wants to avoid any further drama or legal games, stating, "We'll call it even."

SIR.trading was built on the back of four years of late-night coding and $70,000 from friends and believers, without any additional venture capital funding. Xatarrer praised the hacker for their sophisticated hack, describing it as "almost beautiful if it wasn't for all the funds people lost." However, the hacker has yet to respond, and the stolen funds have already been transferred through the Ethereum privacy solution Railgun, according to data from Ethereum block explorer Etherscan.

Xatarrer initially stated that SIR.trading would continue to operate despite the setback, saying, "We've already started planning our next steps. Those impacted by the hack will not be forgotten."

The hacker targeted a callback function in the protocol's vulnerable Vault contract, which uses Ethereum's transient storage feature. The attacker managed to replace the real Uniswap pool address used in this callback function with an address under their control. That allowed them to redirect the funds in the vault to their own address by repeatedly calling the callback function until all of the protocol's total value locked was drained.

The transient storage feature was added to Ethereum in the March 2024 Dencun upgrade to offer users lower gas fees than regular storage typically requires. SIR.trading's documentation touted the protocol as "a new DeFi protocol for safer leverage" aimed at addressing challenges such as volatility decay and liquidation risks commonly encountered in leveraged trading.
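The lifetime of transient storage is what makes the callback check described above fragile. The following is an added Python model, not SIR.trading's contract code: under EIP-1153 a transient value persists until the transaction ends, so an address left in the slot keeps passing the check. `Vault`, `POOL_SLOT`, the addresses and the amounts are constructed, and the model does not reproduce how the stored address was changed in the real incident.

```python
POOL_SLOT = 1  # constructed slot number, for illustration only


class Tx:
    """One transaction. Transient storage is wiped only when it ends."""
    def __init__(self):
        self.transient = {}  # (contract id, slot) -> value


class Vault:
    """Hypothetical vault whose callback trusts an address held in transient storage."""
    def __init__(self, balance, hardened):
        self.balance = balance
        self.hardened = hardened

    def swap(self, tx, pool, owed):
        """Record the pool expected to call back, then take its single callback."""
        tx.transient[(id(self), POOL_SLOT)] = pool
        self.callback(tx, sender=pool, amount=owed)
        if self.hardened:
            # Mitigation: drop the authorization as soon as the swap is over.
            tx.transient.pop((id(self), POOL_SLOT), None)

    def callback(self, tx, sender, amount):
        """Pay `amount` to `sender` only if it matches the address in the slot."""
        expected = tx.transient.get((id(self), POOL_SLOT))
        if expected is None or sender != expected:
            raise PermissionError("caller is not the expected pool")
        paid = min(amount, self.balance)
        self.balance -= paid
        return paid


def extra_callbacks(vault, tx, sender, amount, attempts):
    """Count further callbacks the vault still accepts inside this transaction."""
    accepted = 0
    for _ in range(attempts):
        try:
            vault.callback(tx, sender, amount)
            accepted += 1
        except PermissionError:
            break
    return accepted


if __name__ == "__main__":
    for hardened in (False, True):
        tx, vault = Tx(), Vault(1000, hardened)
        vault.swap(tx, "pool", 100)
        n = extra_callbacks(vault, tx, "pool", 300, 5)
        print(f"hardened={hardened}: extra callbacks={n}, balance={vault.balance}")
```

The check is only as trustworthy as the last value written to the slot, which is why clearing it after use and never sharing the slot with other data both matter.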

Crypto losses due to exploits and scams have been on the rise, with $28.8 million lost in March, according to blockchain security firm CertiK. However, some hackers involved in the 1inch Resolver incident returned a portion of their stolen funds, reducing the total loss to around $4.8 million. The recent $1.4 billion Bybit hack also contributed to the surge in crypto exploits and scams.

In light of these events, many are left wondering whether it is possible for crypto projects to negotiate with hackers. Should they try to negotiate, or should they focus on rebuilding and strengthening their security measures? The case of SIR.trading highlights the delicate balance between innovation and security in the rapidly evolving world of cryptocurrency.