TL;DR Breakdown
- A single-line of code error led to a permanent lock of $34 million.
- The Akutar team ignored a red flag from a security specialist.
- Some critics picked the issue and condemned the team.
Akutar held a dutch auction for their NFT drop, but a bug in the smart contract blocked off the minting funds worth $34 million. Before minting, there were concerns about a bug that could exploit various operations, but the team overlooked them. They felt that nobody could exploit the function of processing refunds.
As minting took place, an unknown person decided to capitalize on the bug and stopped all refunds and withdrawals. However, the person intended well as he only wanted to highlight the issue. Finally, the team removed the block, paving the way for minting to proceed.
Smart contract locks funds
The contract faced another glitch when a second bug in its code failed to account for people minting multiple NFTs in a single transaction. To withdraw funds, the contract requires the counter to add appropriately. Since it couldn’t do so, the claim project hand function couldn’t execute well, leading to the smart contract locking the assets forever.
This unfortunate event drew swift and varied reactions from different observers. One observer reviewing the situation said:
It is a tragedy no one wants to experience. The ray of hope would be that it requires a group like the AkuaDream team to withstand such a predicament. The project remains extremely attractive to us. There currently seems to be many FUD in the sector, and a few critics sought to be agnostic on the issue.
However, several NFT investors were left counting their losses as they blamed the project. Many believed the exercise had been a tragedy from the outset. To other investors, there’s a notion that it blatantly presented a vulnerability in the smart contract and thus creating the gap that led to the loss of their money. The mint failure shows that the secondary market also is undergoing havoc.
Akutar minting could be made better
Akutar is the three-dimensional PFP collection. They come from the renowned Akudreams project. The expert behind this innovation is Micah Johnson. The tale behind them is told through NFTs or chapters that depict the journey of Aku’s dream. Akutars revealed the initiative and airdropped mint passes to @akudreams collectors. They also had a unique Dutch Bidding for new collectors to purchase Akutars.
Despite the unfortunate occurrence, the proprietors didn’t get everything wrong. There are two elements that they performed exceptionally well. One, they gave the available collectors Akutar. They ensured an excellent Dutch auction whereby each person incurs the minimum cost before the auctioneering process ends. This is contrary to burdening early purchases with unrealistic prices, as in ordinary auctions.
From the onset, there were glaring gaps during the Aku drop. These were among the top reasons the glitches came up and the loss to investors. Akudrop could’ve been successful had they considered the following perspectives.
The issue of mint passes
The project opted to snapshot all holders at 2 p.m. ET to prepare for Akutar’s future. What’s so horrible about this? Even at 2 p.m. ET on an active day, most people don’t live online and stay current on all matters.
This suggests that dealers proceeded to acquire mint passes after the photo hoping to get the Akutar. Some customers looking to get a mintpass went global with bids on all famous NFT exchanges. After the snapshot, sellers who were paying attention slammed an offer on hefty bids for their already valueless mint passes, rendering buyers with a useless bag. The simplest solution would have been to give the merchants mintpass in exchange for an Akutar.
Known cyber security experts raised these concerns. It is vital to maintain vigilance and responsibility if a cyber security expert reaches out to inform you of an exploit. A techie tried to inform AkuDream of a severe contract flow during the minting. Unfortunately, they ignored his heads up. Instead, they termed the bug one of the product’s “features”.
Was there an alternative approach?
Akutar could have sought a serious approach to ensure its successful launch. Before they deployed their smart contract, they could’ve sought the expertise of various auditor organizations to identify vulnerabilities and create a bug search system. It shouldn’t have dismissed experts’ worries as unfounded rumours.
This launch drew great publicity, generated much excitement, and was well-intentioned. It had plenty of positives but failed to consider all of the program’s tech components, leading to an elaborate smart contract that they couldn’t puzzle out.
Following this calamity, suspicions of “unfounded FUD” emerged, leading to a great condemnation. Although we can remember Hanlon’s Razor, we must also consider the reasons big projects frequently get stressful outcomes.
Source: https://www.cryptopolitan.com/akutar-34-million-locked-permanently/