skip to Main Content
blockchain coffee

Crypto && Coffee 140

Technology Recap:

Bitcoin:

  • Updates have been made to the BIP-329 specification which highlights a wallet label export format with a new optional spendable tag. This aims to indicate to the wallet and user whether the associated output should be spendable. This builds off of existing coin control features that are inherent in many wallet software implementations. 

Ethereum:

  • This past week’s Ethereum All Core Devs Consensus call focused on inclusion of a builder override flag in the Engine API, an increase to the target and maximum blob limit to 3/6, and on-going research around changing the maximum effective balance of validators. 

  • The Holešky, aka Holešovice testnet is highlighted, which will launch in September 2023 and replace Goerli as a staking, infrastructure and protocol-developer testnet. Devs urge that dApps, smart contracts, and other EVM functionality be tested on Sepolia. 

Other Chains: 

  • Loopring L3 is now officially live on Taiko’s alpha-3 zkEVM testnet. Taiko is a decentralized, Ethereum-equivalent ZK-Rollup. 

  • The dYdX public testnet launched at 17:00 UTC on July 5th, 2023. This milestone moves dYdX towards fully moving away from Ethereum and using Cosmos exclusively. The testnet on Cosmos uses ABCI v2.0 and the latest features of the Cosmos-SDK. 

  • EigenLayer aims to increase re-staking capacity for Liquid Staking Tokens (LST) as well as native staking. 

  • Surge, a permissionless lending protocol launched on Arbitrum on July 5th. 

  • The Prisma Risk Team releases a Collateral Risk Assessment for Lido Finance’s wrapped stETH (wstETH). 

  • The Aave governance community proposed a new vote to freeze the TUSD reserve on the Aave V2 Ethereum pool due to the recent events with the TUSD asset.

  • The first RWA (Real World Asset) product, stUSDT, which is operating through the decentralized platform, JustLend launched on TRON. 

  • An article is shared highlighting the choices DeFi developers are going to have to make – whether to focus on decentralized brokers or the protocols themselves. 

  • Gauntlet now supports isolated pools on Venus Protocol V4 and is now helping advance risk management and protocol efficiency. 

  • Archway is now live! Archway is a protocol created by builders for builders. 


Hacks | Vulnerabilities | Exploits:

  • On July 6, 2023, Multichain was exploited for ~$126M on Ethereum. The assets, valued at ~$118M, were transferred out of the Multichain Fantom bridge including tokens: DAI, LINK, USDT and others. They were all sent to an unknown address. This adds to the ever-growing list in cross-chain bridge exploits. 

  • Three of the receiving addresses from the Multichain exploit have been blacklisted by Circle. 

  • SlowMist presents their mid-2023 report on Blockchain Security & Anti-Money Laundering. 

  • PeckShield shares that ~42 exploits grabbed ~$92.55M in June 2023. As of June 30th, 2023, ~1,104.7 ETH and 1,578.5 BNB were transferred into TornadoCash, 0.18 ETH was transferred into ChangeNOW, and 19,990 DAI were transferred into Railgun. 

  • De.Fi Rekt Report is published for Q2 2023. The report highlights that the total of lost funds in 2023 has reached ~$667M with ~$204,308,280 lost in Q2. The frequency of hacks has risen in Q2 almost 7x (129 cases), compared with 17 only a year ago. 

  • The PolyNetwork was attacked on July 1st, 2023 on BSC which resulted in funds being moved to Ethereum. The exploiters drained ~3M USDC from PolyNetwork’s Lock Proxy and swapped them for 1.557K ETH. The attacker by July 2nd, 2023 had swapped tokens into 4.3M worth of Ether on Ethereum. 

  • Coinage shares the story from the Euler Finance hacker who accomplished one of 2023’s biggest crypto hacks to-date. 

  • A new vulnerability was disclosed by SunSec which includes smart contracts that allow slippage and deadline to be set to zero. If done, users might potentially lose all their tokens. Slippage is the difference between the expected price of a trade and the price at which the trade is executed. If hard-coded to zero, the user will accept a minimum amount of zero output tokens from the swap

  • On July 4th, 2023 BAMBOO token’s pool was exploited on BSC. The exploit was through a price manipulation attack due to a public burn issue. The vulnerability arises when the private updatePool function is invoked by the _transfer function.

  • On July 4th, 2023 Bao Finance was exploited for 23.5 WETH on Ethereum for ~$46K. The exploit was planned days before via a front-running bot. 


Mainstream Recap:

  • Fidelity, WisdomTree, VanEck, and Invesco/Galaxy have all re-filed their spot bitcoin ETF applications, naming Coinbase as the exchange. 

  • Binance Research shares the Institutional Crypto Outlook Survey

  • Nasdaq re-files for the BlackRock spot bitcoin ETF, naming Coinbase as surveillance partner. 


This Week’s Cup of Coffee:

This week, we are headed to Brussels, BE for a cup of Golden Eye from OR Coffee Roasters. This seasonal blend is a mix of roasts from Brazil, Colombia, and Costa Rica. Yielding flavors of dark chocolate with hints of black currant and other fruity notes. Sip up and enjoy!! 

Back To Top