June 23rd, 5:00 a.m.
Getting the call shortly before dawn that we had been hacked didn't exactly rank up there with the best of Wednesday mornings.
We'd experienced difficulty before, though - through one of our exchange partners. A few years back they had their code compromised and their accounts drained. We lost money that day as well, but it had never been a direct hack on our protocol.
As the information about the hack flooded in, we realized with mounting unease that this time it was different. This was a direct attack on us, an exploit that used a previously unknown vulnerability that the hackers had found.
And to make matters worse, our discord channel had been invaded by the smug, self-satisfied hacker (or hacker collective), who was busy spouting ideological talking points about “making us stronger” and “not doing this for financial reasons”. Spoiler alert: it’s always about financial reasons.
With the entire protocol at stake, years of work at the brink of being destroyed, our core team banded together for a quick and impactful response.
This is the behind the scenes insight about a hack that amounted to over $50-million in damage, and how the team and community banded together to solve the problem.
What is the Haven Protocol?
If you want to understand what we do you have to go back to the beginning.
In the cryptocurrency space, unbeknownst to most people is the fact that you can either have privacy or stability, but not both at the same time.
As a quick example, Circle's USDC coin gives you price stability, but anyone from the government or other nefarious actors can easily see what you bought and how you move your money.
On the flip side, Monero hides your transaction and they are fantastic at it, but due to the volatility of the market, it may be worth more or less depending on the market cycle and when you decide to buy or sell it.
The Haven Protocol bridges this gap.
The original concept was called “Haven Dollars” or XHVD. It was built as a “mint and burn” USD-based stablecoin, which meant users bought Haven's coin (XHV) and converted it for the USD equivalent in XHVD. Completely private. No middleman required.
It was the product of two anonymous developers who saw the opportunity of private finance (PriFi) and decided to create assets to make PriFi a reality.
In its infancy, the only way to get your hands on XHV was through mining it or buying it on a small anonymous exchange called TradeOgre, but the community—mostly consisting of privacy advocates—grew and thrived.
We weren't without growing pains. As mentioned earlier, one of the exchanges that had listed XHV got hacked. Accounts were drained, and, like others we lost significant amounts of money. But we were optimistic despite this—as it's unfortunately a risk factor of being involved in crypto.
After this experience the developers at the time pushed testnet deadlines without details and left the project when it became clear it was going to be too much for their skill level. That could have been the end of the Haven Protocol, but new developers stepped up, understanding that the idea of PriFi was far too important to give up on.
It wasn't exactly smooth sailing after that but there were positive developments. As the community grew, so too did the core team. Progress accelerated and development smoothed out.
We launched the first xUSD testnet in January 2020 and followed that with a partnership with ChainLink in March for the first decentralized pricing oracle. After that, the new codebase was open sourced in May and the mainnet launch was set for July.
But one Wednesday morning in late June we were worried we weren't going to make it to July. It was 5:00 a.m. and we had realized we’d just been hacked.
The attack came in two different parts.
The first we recognized immediately. There had been modifications to the block reward and hackers had taken off with more coins than we normally give out for closing the block. It was a previously unknow vulnerability, a hole in the code leftover as an easter-egg from the previous development team who had left the project.
An annoyance, but nothing we couldn't handle. Working furiously to resolve the situation, our core team had, by 1:30 p.m. the same day, run a patch out to the nodes to resolve the problem.
It was only a few days later when the second half of the hack came in that we saw the full-extent of the damage.
This was different.
It was sophisticated, direct and aggressive. The team spotted two suspicious transactions in the explorer, and after some investigation from the team we discovered another vulnerability. This one had been exploited twice in three days. Thousands of counterfeit xBTC coins had been minted and sold as XHV on our partners exchange.
Our response had to continue being quick, direct and impactful - before the surplus of minted xAssets dropped the value of XHV to zero. If that happened there would be no coming back. The project would be completely wiped out, with 10’s of millions of dollars lost, decades of working years destroyed, and the project in shambles.
We didn’t have much time.
Our first few actions set the tone for the rest of the incident. We were quick to contact our exchange partners at TradeOgre, KuCoin and Bittrex to shut down any potential off-ramps for the pilfered assets.
Then we disabled our price record mechanism, which is used to determine how much xUSD or xAssets are minted in each transaction. This was, admittedly, an extreme measure, but was done so to ensure the hackers couldn’t further convert any xAssets to XHV and sell them on the exchanges.
Then we approached the community to make a very difficult decision. After some soul searching and discussion from the core team, we asked the community to vote on a rollback of the blockchain.
It's always a controversial choice to roll back the blockchain. All transactions are erased, thousands of people would lose gains made between the hack and the point at which the decision was made. But with it would go most of the inflation caused by the exploits, including the mounting losses of a +$50-million hack.
The community responded with overwhelming support. With a successful vote in, we proceeded with the difficult decision of rolling back the blockchain, and progressed forward with even more updates.
We'd located the exploits and had stopped the bleeding, preserving the protocol, and the idea of private finance. But during his visit to our discord channel the hacker warned us he'd be back.
We’ve been applying our lessons learned ever since, ensuring we’re more than ready for the difficulties of the future.
Since the hack we’ve added an additional transaction validation to prove asset types used in each mint and burn transaction.
We’ve brought in cryptography experts Cypher Stack for analysis and testing.
Next we cleaned the code, fully refactoring everything, increasing efficiency and strengthening the protocol.
We’ve also approached the community for more help in the processes associated with debugging, development and peer review.
We hired an expert from Monero to put the code to the test through penetration testing. The testing helped the team to think like hackers and helped develop new features to defend against any future attacks.
Finally, we threw the gauntlet down to any enterprising programmer, offering a bug bounty with prizes of up to $100,000 for anyone willing and able to strengthen the protocol.
There has been a vast amount of changes in the past few months as we look at accelerating forward to the PriFi world that we believe is necessary.
What Comes Next?
We've learned our lessons and now we're looking forward. Despite the mistakes made, we believe this experience has served to make the protocol, and the community, stronger. Whether it be integration with the cross-chain decentralized exchange THORchain, new proposed wallet options we were working on prior to the hack, or expanding access to Haven all over the world, we'll take what we've learned from these experiences into everything we do.
We're convinced now more than ever that Haven is the future of private money. PriFi is coming, and we’ll lead the charge.
AHawk discovered Haven Protocol in 2018 and has been a community leader for the project since 2019. As a crypto investor and enthusiast, he believes the concept of a Monero-based private stablecoin ecosystem will truly revolutionize how people protect their financial privacy and interact with crypto in the years ahead. You can learn more about the Haven Protocol and the community by going here: https://havenprotocol.org/
The views, opinions and positions expressed in this press release are those of the author alone and do not necessarily represent those of https://www.cryptowisser.com/ or any company or individual affiliated with https://www.cryptowisser.com/. We do not guarantee the accuracy, completeness or validity of any statements made within this press release . We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author. Any liability with regards to infringement of intellectual property rights also remains with them.