XCarnival Announces that 5,000 ETH will be Distributed to Build the “Security Star” Plan
On June 26, 2022, the hackers found & attacked our contract vulnerability and “stole” 3087 ETH.During the hackers attacking incident, we negotiated with hackers for a few rounds, NOW we got 1,467 ETH back.
As a platform, we have a responsibility to protect the interests of XCarnival users and eco-partners. We wanna build a better mechanism! 👉 We will launch the “Security Star” plan.
“Security Star” featured two core parts:
- Smart Contract Security
- XFund — Insurance Fund
The plan is to continuously invest 5,000 ETH over two years to safeguard the platform and user assets, we think it will have a positive impact on the industry, it’s probably good to go!
Smart Contract Security
As the NFT multi-chain liquidity provider, in order to meet the increasing security challenges, we will strengthen internal cross-audit mechanisms:
1.On the basis of passing CertiK auditing(CertiK has issued an audit report before XCarnival launched. CertiK has given an official statement of clarification 🔗）: https://twitter.com/certikcommunity/status/1542823871270756353?s=21&t=hcPa8FNODRVrUHxOAq3agg
We also invite Peck Shield to audit our contract code. Please stay tuned for the audit result.
2.After auditing smart contract code, next step, we will be launching a bug bounty campaign.
XFund — Insurance Fund
XFund is open for XCarnival and our partners , XFund, will invest 5,000 ETH in the next two years.
The need for funding is particularly acute in difficult economic times, as other funding sources dry up. XCarnival takes this role — as a pilot light for community builders & projects — very seriously. We know that the community counts on us to be there in good times or bad times.
Impacts highlighted below:
1.XFund will be independently operated by XCarnival Dao , whose function is to ensure the safety of assets and funds on the XCarnival platform.
2. XFund will be responsible for assuming liability for losses incurred by the Platform in extreme circumstances that are not attributable to human factors, and will first compensate for the portion of the event (1620 ETH) that has not yet been recovered after the XFund is established.
3. In the event of liquidation of the lending assets, XFund will act as the liquidation sponsor to dispose of the assets according to the actual situation of the assets to ensure the safety of the lending assets.
The “Security Star” plan is an innovative exploration of the NFTFi industry.
Our early investors such as A&T capital, Fundamental Labs, SNZ, GSR, Zonff Partners, Metasense have indicated that they will trust and support our development forever;
Meanwhile, XCarnival’s eco-partners such as Project Galaxy, NFTScan, Solv Protocol, NFTGo etc.will continue to support XCarnival in participating in the ecological co-construction.
Our smart contracts will also be relaunched after three weeks.
We have seen the importance of security mechanisms, so that’s why we set up the ”Security Star” plan. We look forward to building upon this progress together in smart contract security and beyond! We are immensely thankful to all of our partners and the community for their generous contributions to us.
Appendix: Timeline of this attacked incident
1. The attack occurred (2022–06–26 20:02:46)
2. Contract closure ( 2022–06–26 22:00:00)
3. Negotiations start( 2022–06–26 23:29:39)
4. Partial recovery of losses (1467ETH 2022–06–27 13:45:58)
5. Initiate new audit (2022–06–28 19:19:00)
6. Security Star programme announced
7. Binance NEWS reports on XCarnival “Security Star ”plan（ 2022–07–03 8:30:00）
8. Contract relaunch (In the next 3 weeks)