Vocabulary
Hardfork - A hard fork (or sometimes hardfork), as it relates to blockchain technology, is a radical change to the protocol that makes previously invalid blocks/transactions valid (or vice-versa). [1]
Snapshot - 'making a snapshot of a token' refers to saving balances of all token holders at a specific time(block)
Many investors believe hardfork as a fact that they will be receiving additional coins, and somehow the price will rocket until its snapshot. At least that's what happened most of the times. But our case was different as we were not creating additional tokens. We were just swapping the tokens, which is pretty similar to what Ethereum and Ethereum Classic has done. The only difference is that we don't have any conflict between the parties or internal issues, as we asked all exchanges and service providers to use our new token, which resulted the old token to worth 0.
CoinBene Hacking
Late March, our foundation was informed that some of tokens from CoinBene exchange was hacked. Our foundation immediately requested to all exchanges to stop deposit of Insureum to prevent minimal loss of our investors.
DEX Trading
Hackers need to wash their address to unrelated address, which can be easily done by using an exchange wallet. Since, all exchanges were blocked, they used EtherDelta which is one of widely used decentralized exchange. We tracked all transaction starting from the identified hacker's address, and also all transaction from Etherdelta exchange.
Tracking Insureum
Even though we know the origin address to track, using Etherscan and marking its relationship back and forth was not easy. Since we are saving all transactions of Insureum in our database, we decided to make a simple script that can visualize the transactions.
Used Network (https://networkx.github.io) to map transactions
G = nx.Graph()
initial_node = '0x8d12a197cb00d4747a1fe03395095ce2a5cc6819'
initial_block = 7450000
tx = Transaction.query.filter(Transaction.block > initial_block).all()
for t in tx:
G.add_node(t.from_column)
G.add_node(t.to)
G.add_edge(t.from_column, t.to)
This helped us to identify which was related to the hacker's address. There are few other unrelated(clean) transactions that we can ignore. As you can see, they tried to make multiple transaction to wash their wallet addresses, but it was meaningless even with DEX withdraw tricks.
Snapshot
Since we had all transactions parsed in our database from the genesis of the Insureum, we can easily recover one's balance of all wallets without calling balanceOf.
def get_balance(address):
tx_from = Transaction.query.filter(Transaction.from_column == address).all()
tx_to = Transaction.query.filter(Transaction.to == address).all()
from_sum = sum(float(i.value) for i in tx_from)
to_sum = sum(float(i.value) for i in tx_to)
return (to_sum - from_sum) / 10**18Distribution
All balance were saved as CSV. We used a smart contract to read and distribute the new tokens. Thanks to Constantinople, the gas fee was much lower than expected.
Summary
We performed a smart contract upgrade to minimize the impact of the incident. We also buy the same amount of the token from the market to bring the token price where it was. Thanks to all parties including community managers, wallets and exchanges who gave us true support.
Written by Ted Kim, co-founder and CEO of Insureum
Code
All code will be uploaded on the Insureum's main github page. (https://github.com/TeamZikto/Contract)
Reference
1. https://www.investopedia.com/terms/h/hard-fork.asp
Insureum Homepage: https://insureum.co/
Insureum Telegram News (English&Korean): https://t.me/insureumnews
Insureum Telegram (English): https://t.me/insureum
Insureum Kakao (Korean): https://open.kakao.com/o/ggNWf8K
Insureum Blog: https://steemit.com/@ziktoman
Insureum Facebook: https://www.facebook.com/insureum
Insureum Instagram: https://www.instagram.com/insureum_zikto/
Find out more about Insureum weather and cyber risk products on our website today!