DAO Maker hack victims still await reimbursement 3 years later

DAO Maker, a distinct crypto platform from MakerDAO for fundraising, aims to collect hundreds of thousands of dollars in 2024 to support new Web3 projects. Regrettably, those affected by the August 2021 cyberattack allege that they have not been recompensed for their losses despite assurances from the development team that they would be made whole again.

Victims argue that DAO Maker is responsible for their losses because they believe the hack originated from a careless handling of private keys by DAO Maker’s developers.

In August 2021, DAO Maker experienced a security breach that led to the theft of around $7 million from its users’ funds. The incident was later confirmed as a private key hack by the development team. As a response, they promised to reimburse investors with an immediate distribution of USDC tokens worth 500 dollars each. The remaining compensation was planned to be given through a token named “USDR,” which could be exchanged for DAO tokens at their current market value within a year.

Victims of the hack expressed their disappointment to CryptoMoon, revealing that USDR redemptions were never permitted and they have yet to be made whole for their ongoing losses. Moreover, SOMA Analytics, a decentralized finance expert, reported that DAO Maker manipulated its governing body into scrapping the reimbursement plan by leveraging its substantial token holdings. The researcher asserted that this proposal was subsequently deleted, presumably as an attempt by the team to conceal their inability to compensate victims.

In simpler terms, DAO Maker, located in Prague, is an independent entity with no connection to MakerDAO, the well-known stablecoin protocol.

DAO Maker gets hacked and offers compensation

DAO Maker is a platform that helps technology startups, specifically those developing Web3 protocols under decentralized autonomous organizations (DAOs), raise funds. As stated on their website, over 75,000 individuals expressed interest in early-stage ventures with them in the year 2020, and they have more than 200,000 users who have gone through the Know Your Customer (KYC) process.

DAO Maker hack victims still await reimbursement 3 years later

According to CoinMarketCap’s explanation of DAO Maker, this project provides various methods for investors to take part in new token sales. One of these methods is called a “Strong Holder Offering (SHO)”. In this setup, investors buy DAO tokens and employ them to assign “DAO Power” to a chosen coin offering. The more DAO Power they assign, the higher their chances are of securing a spot for that specific offering.

If they secure a spot, their USDC balance will finance their allocation automatically, allowing them to buy coins during the offering as indicated by CoinMarketCap, according to now-offline DAO Maker documents.

In the 2021 cyberattack, an attacker took advantage of a vulnerability in the SHO contract where USDC funds were kept, resulting in a theft of approximately $7 million. In a Medium article published on August 12, 2021, DAO Maker admitted that the breach was due to malicious activity using one of their wallets with administrative permissions.

On August 17, 2021, via a Medium post and their Telegram channel, the team revealed a compensation plan for affected investors following a hack. They promised an immediate airdrop of 500 USDC per investor. Subsequently, on September 8, 2021, they announced that any remaining losses would be settled with an “IOU token” named USDR. A year later, on August 8, 2022, each USDR token could be redeemed for $1, along with a bonus of 10% in DAO tokens. The announcement explained, “Each USDR token is equivalent to $1.10 in DAO tokens, one year after it’s distributed.”

To illustrate how the redemption procedure functions, let’s look at a hypothetical situation: Suppose a user suffered a loss of $1,000 due to a hack. According to DAO Maker, this individual would receive 500 USDR tokens on September 8, 2021, as part of the redemption process. After a period of one year has elapsed, these 500 USDR tokens could be exchanged for $550 worth of DAO tokens.

The two Medium articles were removed from Medium, yet you can still access their past versions through the Wayback Machine archive.

Victims claim USDR redemptions were never allowed

According to DAO Maker’s investors, the commitment made by the organization and its development team to exchange each USDR for $1.10 has not been kept. (Paraphrased) The investors of DAO Maker stated that they were expecting to receive $1.10 in return for each USDR unit; however, this promise was not fulfilled by either the DAO Maker decentralized autonomous organization or its development team.

A investor going by the name “Red Drac” in Telegram, who requested anonymity, recounted losing $2,000 during the August 2021 hack. They had transferred $2,000 worth of stablecoins to a preliminary deposit contract prior to the event. Unfortunately, when the hack took place, this contract was emptied, resulting in the loss of their funds. After the compensation plan was unveiled, Red Drac received 500 USDT (USD Tether) as part of the reimbursement. However, they were later supposed to receive 1,500 USDR (USD Coin), but this amount could never be redeemed for DAO as promised.

Based on Red Drac’s account, they found out that there was a USDR liquidity pool where they could cash out by selling their tokens. However, the tokens weren’t equivalent to USDT in value as they were only worth “around 80%” of their original value when sold. Consequently, Red Drac decided against selling their USDR into the pool and the tokens remain in their digital wallet.

The representative asserted that the USDR tokens hold little value currently, since it’s impossible to swap them for other cryptocurrencies due to the closed liquidity pool. Red Drac acknowledged using the tokens to acquire DAO Power within the DAO Maker ecosystem, but they expressed doubt about their worth as these allocations don’t ensure a return on investment.

User Zstelecom shared an analogous experience, stating they were given 500 USD in compensation after falling victim to a hack. Several months passed, and the token’s value ranged between $0.60 and $0.80 per coin. Seizing this opportunity, they decided to invest in approximately 10,000 tokens, anticipating that they could later exchange these for around $10,000 worth of DAO once the tokens became redeemable.

But the tokens never became redeemable and are now worthless on the secondary market. 

“According to Zztelecom, the DAO Maker team deceived everyone by announcing a false trading halt. Eventually, they revealed that one USDR is equivalent to one DAO Power unit and enabled sales participation. However, users were unable to transfer their DAO Powers to other wallets as they would be rendered worthless.”

Claims of a DAO Maker cover-up

An additional allegation was made by DeFi researcher SOMA Analytics, who presented proof that the team attempted to conceal their discontinuation of the USDR redemption process. SOMA Analytics shared this findings through a Notion workspace and is not linked to the nutritional supplement blog with the same name.

Based on SOMA’s report, DAO Maker proposed abandoning the redemption process for USDR. This suggestion was supposedly approved by DAO Maker, but later disappeared from their Snapshot page. It is alleged that DAO Maker used its tokens to control the majority of votes and pass this proposal. They are also accused of distributing new tokens to conceal their involvement in the vote outcome.

From October 3rd to October 5th, 2022, a distinct USDR proposition emerged on DAO Maker’s Discord channel, which was put forth by the user @Dante.eth. According to the researcher’s report, this proposal was subsequently deleted. However, other community members managed to save copies of it.

1 ratio.

Option 1 was for the decentralized autonomous organization to algorithmically sell DAO tokens and airdrop USDC to holders of USDR at a 1:1 rate. This would have allowed holders to be fully compensated, but with stablecoins instead of DAO tokens. Option 2 was to distribute DAO tokens from a Venture Yield partnership to USDR holders once a year. Option 3 was to redeem USDR at only 50% of its par value.

Option 3, which allowed token redemption at half the market value, failed with a “yes” vote of 61.72%. Yet, it’s important to note that this proportion was represented by just six wallet accounts. Most token holders opted for Option 1 instead, but due to their smaller token quantities, they couldn’t override the voting power of the six significant investors who advocated for the 50% discount.

DAO Maker hack victims still await reimbursement 3 years later

Victims of the hack admitted that holding USDR tokens grants them increased opportunities to take part in desired token sales within the DAO, providing more power in the process.

Despite the DAO‘s decision for a 50% redemption, SOMA Analytics asserted that no compensation was actually distributed by the team. In their words, “As far as I remember, there was never an option to claim this compensation, and people received nothing.” Instead, SOMA claimed that the team chose to render USDR tokens incapable of redemption and enabled their holders to wield DAO power with them instead. However, the DAO Power derived from these tokens is not transferable, rendering them virtually worthless in today’s secondary market.

DAO Maker hack victims still await reimbursement 3 years later

Based on SOMA Analytics’ findings, six wallets that supported the 50% haircut were newly created and received significant DAO tokens within a short timeframe before the voting. These transactions may have been concealed through cryptocurrency exchanges. According to SOMA Analytics, this pattern suggests that these wallets belong to an entity holding a considerable amount of DAO tokens, such as the development team, aiming to keep their identity hidden while casting their vote.

It is uncertain if CryptoMoon was able to verify on its own the identities of the wallets that supported the proposal, their creation dates, and the sources of their funding, since the proposal has been removed.

We reached out to DAO Maker for their take on the situation, but they hadn’t gotten back to us before our article went live.

DAO Maker remains active in offering fundraising solutions for emerging Web3 projects. As per CoinMarketCap’s data, the DAO token boasts a market value of approximately $153 million, positioning it within the top 400 cryptocurrencies.

Read More

2024-04-23 16:05