ZKsync was stolen 5 million US dollars, and the currency circle was attacked by hackers for several days

Author: Bright, Foresight News

Starting from 9:29 pm on April 15, the price of ZKsync, one of the "Four Ethereum L2 Kings", crashed by 17.2% in just seven minutes, falling to $0.0396 in a short period of time. Immediately, South Korean exchange Bithumb suspended ZKsync's withdrawal of coins due to security issues.

Official response and community questions

At 9:49 pm on April 15, ZKsync official mailed a statement saying that their security team discovered that a stolen administrator account controlled ZK tokens worth about $5 million, which did not appear out of thin air, but were derived from the remaining tokens that had not been collected in the previous ZKsync airdrop activity. It also stated that the abnormal additional issuance and sale are isolated incidents caused by the stolen keys and are limited to the airdrop contract itself. All users' funds are safe and never faced risks; the ZKsync protocol and ZK token contracts are not affected, and no more tokens are at risk of being stolen.

At 11:25 pm, ZKsync official recommendation updated the latest progress in the stolen incident. "Investigation shows that the administrator account 0x842822c797049269A3c29464221995C56da5587D, which is responsible for managing three airdrop distribution contracts, has been compromised. The attacker called the sweepUnclaimed() function to mint approximately 111 million unclaimed ZK tokens from the airdrop contract. The transaction increased the total amount of tokens in circulation by about 0.45%. This event is limited to the airdrop distribution contract, and all mintable funds have been minted.

Although the official issued two quick reports to deal with it, the on-chain additional issuance and stock market crashes of ZK tokens are really shocking. The community did not buy into the official "investigation" and strongly questioned whether it was the team-centered evil.

Community members said that ZKsync's statement was completely perfunctory and could not get rid of the suspicion of self-stealing theft. It also emphasized the possible consequences of VC currency breach of trust caused by the ZKsync incident.

King-level "ghost chain" and liquidity crisis

ZKsync was once the "King Project" in Ethereum's Layer 2 and is one of the four mainstream Rollup solutions (Optimism, Arbitrum, zkSync, and StarkNet) on the market. ZKsync uses ZK Rollup technology to directly verify data validity through zero-knowledge proofs, by transferring transaction processing from the Ethereum main chain to the side chain, significantly reducing transaction fees and increasing speed.

However, the on-chain data of ZKsync can be called "barren" and has been called "ghost chain" by many community members. Since the airdrop in June 24, most ecological participants have chosen to clear their positions directly, and TVL and the agreement revenue have fallen. According to Defilama data, the number of active addresses in ZKsync has dropped by 83.5% since June 24, and the average daily trading volume has plummeted by 86%. After March this year, the daily income of the ZKsync agreement is basically only US$1,000. What's even more paradoxical is that from March 14 to March 27, the ZKsync protocol revenue was US$0.

ZKsync has tried to save its bleak ecological activity. In January this year, ZKsync launched the Ignite program, which plans to allocate 300 million ZK tokens (approximately US$60 million) within 9 months, aiming to attract more liquidity to its Layer 2 network and promote the rapid development of the DeFi ecosystem. The launch of this program, which once drove ZKsync's TVL to grow by nearly 90% in just one week, soaring from $97 million to $184 million. However, this plan was quickly stopped after the market declined in March, which also laid hidden dangers for today's "small issuance and market crash" drama.

It can be said that ZKsync faces common problems with all Ethereum L2 - thin applications, sharp drop in daily activity, and poor revenue, while ZKsync's liquidity performance may be the worst.

"Broken Window Effect" and the Crisis of Trust

In just a few days before ZKsync was stolen, the currency circle had already experienced one-click clearance of OM, the KiloEX protocol was stolen, and Odinfun was stolen. For a moment, I thought the currency version of "The Matrix" was being released.

However, the statement "all responsibility is attributed to the hacker, and we will provide the investigation report as soon as possible" seems to be ineffective in the eyes of community members. In fact, until now, including ZKsync, a number of stolen projects have not made substantial positive statements on how to deal with the stolen funds and how to compensate for user losses.

The Broken Window Theory believes that any visible signs of chaos, neglect and crime, such as broken windows, destruction of public property, may encourage further criminal and anti-social behavior in a region. Because the above signs indicate that order in the area has been destroyed and law enforcement is lacking. In Web3, which is still in a chaotic territory, when an OM presses the "SELL ALL" nuclear button and is visible to not be subject to decent sanctions, a number of projects with worrying liquidity may implement soft "RUG" under various names and complete exit.

Combined with the uncertain market situation at the moment, the dark forest essence of the currency circle has emerged again. The low cost of the project party's evil and the high cost of users asking for the truth were moved to the table again. There is a joke in the community that is so ironic at this moment

• "You may have to squat in the traditional world for 20 years, and you only need to bear some infamy here."

Therefore, never use funds to challenge the bottom line of a project, the spiral of moral silence will only sink further and further. Cherish those projects that insist on BUILD when the market is bleak, and I hope everyone can Stay Safe and usher in victory.