Social Tokens Get Rolled On

Social money issuer Roll was hacked for nearly $5.7M of creator tokens held in hot wallets on the platform over the weekend.

1/5

Two hours ago, someone sold a huge amount of social tokens issued on Roll platform.

As a result, an attacker earned almost 3k ETH ($5.7M), of which 700 have already been sent to Tornado Cash.

Most of social token prices dumped as a result. pic.twitter.com/WmdMogBBnd

— Igor Igamberdiev (@FrankResearcher) March 14, 2021

Using Roll’s private keys, the hacker made off with tokens from 400+ creators on the platform. They immediately sold into Uniswap pools created around the vulnerable social tokens and transferred the ETH via Tornado Cash.

“It seems like a compromise of the private keys of our hot wallet and not a bug in the Roll smart contracts or any token contracts,” stated Roll’s post-mortem

Of all the tokens affected, Whaleshark’s WHALE token and Friends With Benefits FWB were hit the hardest, losing ~1400 ETH and ~800 ETH respectively.

The affected communities scrambled to address the situations, quickly turning to Discord voice chats to inform their tokenholders to what happened. Looking across the board, all social tokens dipped by at least 50%, depending on the number of tokens held in Roll at the time of the hack.

Roll responded with a post-mortem, saying the team intends to take legal action on the malicious actor if found and offering a $500k creator bounty to all communities affected.

Social Token Community Rallies

Despite the devastating losses, the wider social token community banded together to support those in need. After addressing the issue internally, Whaleshark set out to provide liquidity to other projects as a sign of support.

The Friends With Benefits token dropped by 99% at the time of the hack. Despite a crisis event, the community rallied together to vote in favor of a new FWB Pro token, expected to launch later this week. The project will airdrop tokens to existing members and speculators at various rates, resetting the slate with a DAO at the helm.

In light of recent events, the community has voted to migrate to a new token – FWB Pro.

Liquidity has been removed and a snapshot of existing balances has been taken as of block height 12044997.

Balances for the new token will be shared in the next 24-48 hours.

— Friends With Benefits ($FWB) (@FWBtweets) March 15, 2021

What could have been a crippling blow for the emerging sector turned into a sign that social token communities can respond well in the face of danger.

This event showed that many social tokens still suffer from centralization issues as a result of accessibility, as the reason tokens were being held in Roll in the first place was to prevent creators from having to download Metamask to get started with social money.

Easy to be a critic outside the arena, but the thoughtfulness and resilience social token issuers and communities have shown this week is impressive.

Bravo @AlexMasmej, @whatdotcd, @Cooopahtroopa, @Flynnjamm, @thattallguy, and many others.

— Arjun Balaji (@arjunblj) March 15, 2021

In the event that a creator retained complete control of their supply, there would have been no tokens at risk when the issuer was hacked. While the space is rapidly growing, let this serve as a reminder that self-custody is an education course worth emphasizing.

✊ Head to THEDEFIANT.IO for the best in DeFi news ?