To the Astra DAO Community,

We are profoundly sorry to announce a significant security breach that occurred on September 14, 2023. Upon further investigation, we have determined that the breach was more severe than initially reported. This event involved 0xBlock, a third-party software development firm based in the UK, overseen by Paresh Masani, a former board member of Astra DAO.

Assurance on Astra DAO Smart Contracts

We want to assure the community that Astra DAO's smart contracts are secure and have undergone four rigorous audits. The vulnerability was not within our smart contracts but occurred due to external factors involving 0xBlock. This has affected their other clients, such as Cult DAO, TwitFi, CultDAO, RVLT, and Astrobot Society.

Impact on Astra DAO Indices Investors

It is with heavy hearts that we emphasize all individuals who invested in the Astra DAO Indices have experienced financial losses due to this security incident.

Governance and Network Update

To uphold the highest standards of integrity and security, Paresh Masani has been removed from the Astra DAO board. Additionally, Astra DAO will undergo a hard fork to transition fully to Arbitrum.

Compensation Plan

We are acutely aware of the gravity of this incident, especially for those who have lost their investments in the indices. Impacted wallets will be compensated via an ASTRADAO airdrop, offering 2x the value held at the time of the breach.

Incident Summary

The Astra DAO Deployer wallet was compromised. Although the method by which OxBlock's wallet was compromised is unknown, its vulnerability led to unauthorized access to the Astra DAO Deployer wallet. This wallet had upgradeable contract access due to our planned launch to Arbitrum.

Attack Details

Phase 1: ASTRADAO Uniswap Liquidity Pool Tokens Drained

• Tokens Drained: 4.01 trillion ASTRADAO

• Financial Impact: $14,158.31 (8.752 ETH)

Phase 2: Indices Funds Drained

• Assets Drained: WBTC, WETH, MATIC, USDC

• Financial Impact: $221,350 (at the time of the incident)

Total Financial Impact

Although the total amount invested into the index was $280,987, the total financial loss across all assets amounts to approximately $235,508.31 due to changes in the price of each asset held in the indices.

Immediate Actions Taken

• Suspended the ASTRADAO token contract.

• Transitioned ownership to secure multi-signature wallets.

• Enhanced security measures.

• Removed Paresh Masani from the Astra DAO board.

• Initiated a full investigation, including engagement with 0xBlock.

• Engaged law enforcement agencies.

Next Steps

Detailed instructions for the hard fork and airdrop compensation will be communicated in due course. We understand the urgency and are working diligently to provide this information as swiftly and securely as possible.

We are committed to restoring your trust and will provide regular updates. If you have questions or need immediate assistance, please reach out via our official channels.

Our deepest apologies for the emotional and financial hardship this has caused. We value your understanding and ongoing support.