Blockchain security firm CertiK is launching a compensation plan to cover $2 million lost during the public sale of decentralized exchange Merlin's MAGE token.
In a statement to Cointelegraph on April 26, CertiK reiterated that it was investigating the exit scam and had also recruited the remaining Merlin team to initiate a compensation plan. it says: "Initial investigations indicate that the rogue developers are based in Europe, and if direct negotiations are unsuccessful, CertiK will work with law enforcement authorities to track them down."
Blockchain security firm urges rogue developers to return 80% of stolen funds and give away 20% as white hat bounty. The company also noted that private key privileges are "committed to helping affected users," although they were outside the scope of the smart contract audit.
Merlin lost about $850,000 worth of USD Coin. There will be no hard cap during the three-day public sale of MAGE tokens on April 26. Blockchain data shows that exploiters who control liquidity pools are able to easily siphon funds. CertiK, wh ich audited Merlin's code, responded that its initial findings pointed to "potential private key management issues." Crypto Twitter Questions CertiK Audit, Suggesting Possible Implications.
Verichains founder Thanh Nguyen referred to the presence of a "backdoor" in Merlin's code, saying it was "an obvious security risk, as there is no use case requiring its approval." "While audits can identify potential risks and vulnerabilities, they cannot prevent malicious activities by rogue developers, such as rug pulls,” CertiK said in a statement to Cointelegraph. A project with an additional layer of security, which indicates that the project has voluntarily passed the KYC vetting process.” Doing so can help redu ce and mitigate The risk of insider threats, such as rug pulling, the company explained.
CertiK said it will continue to provide updates on its compensation plans and ongoing investigations.
