To the Astra DAO Community,
We are profoundly sorry to announce a significant security breach that occurred on September 14, 2023. Upon further investigation, we have determined that the breach was more severe than initially reported. This event involved 0xBlock, a third-party software development firm based in the UK, overseen by Paresh Masani, a former board member of Astra DAO.
We want to assure the community that Astra DAO's smart contracts are secure and have undergone four rigorous audits. The vulnerability was not within our smart contracts but occurred due to external factors involving 0xBlock. This has affected their other clients, such as Cult DAO, TwitFi, CultDAO, RVLT, and Astrobot Society.
It is with heavy hearts that we emphasize all individuals who invested in the Astra DAO Indices have experienced financial losses due to this security incident.
To uphold the highest standards of integrity and security, Paresh Masani has been removed from the Astra DAO board. Additionally, Astra DAO will undergo a hard fork to transition fully to Arbitrum.
We are acutely aware of the gravity of this incident, especially for those who have lost their investments in the indices. Impacted wallets will be compensated via an ASTRADAO airdrop, offering 2x the value held at the time of the breach.
The Astra DAO Deployer wallet was compromised. Although the method by which OxBlock's wallet was compromised is unknown, its vulnerability led to unauthorized access to the Astra DAO Deployer wallet. This wallet had upgradeable contract access due to our planned launch to Arbitrum.
Tokens Drained: 4.01 trillion ASTRADAO
Financial Impact: $14,158.31 (8.752 ETH)
Assets Drained: WBTC, WETH, MATIC, USDC
Financial Impact: $221,350 (at the time of the incident)
Although the total amount invested into the index was $280,987, the total financial loss across all assets amounts to approximately $235,508.31 due to changes in the price of each asset held in the indices.
Suspended the ASTRADAO token contract.
Transitioned ownership to secure multi-signature wallets.
Enhanced security measures.
Removed Paresh Masani from the Astra DAO board.
Initiated a full investigation, including engagement with 0xBlock.
Engaged law enforcement agencies.
Detailed instructions for the hard fork and airdrop compensation will be communicated in due course. We understand the urgency and are working diligently to provide this information as swiftly and securely as possible.
We are committed to restoring your trust and will provide regular updates. If you have questions or need immediate assistance, please reach out via our official channels.
Our deepest apologies for the emotional and financial hardship this has caused. We value your understanding and ongoing support.