Decentralized Exchange

Security engineer pleads guilty to Nirvana Finance exploit and one other hack

Shakeeb Ahmed was arrested for hacking an unspecified DEX, and then admitted to the Nirvava Finance hack too.

A software engineer pleaded guilty in the Southern District Court of New York on Dec. 14 to one count of computer fraud in connection with the hacking of Nirvana Finance and an unnamed decentralized cryptocurrency exchange. The United States Attorney’s Office said the case was the first-ever conviction for hacking a smart contract.

Shakeeb Ahmed, described as a “senior security engineer for an international technology company,” was arrested in July in connection with the hack of the unnamed exchange on or about July 2 and 3, 2022. According to the U.S. Attorney’s Office statement:

Ahmed returned all but $1.5 million to the exchange, which “agreed not to refer the attack to law enforcement.” The exchange “allowed users to exchange different kinds of cryptocurrencies, and paid fees to users who deposited cryptocurrency to provide liquidity on the Crypto Exchange.”

Read more

KyberSwap announces potential vulnerability, tells LPs to withdraw ASAP

Only Kyberswap Elastic funds are said to be at risk, with the developer stating that so far, no funds have been lost.

Kyber Network, the developer of the Kyberswap Elastic decentralized crypto exchange, announced on April 17 that there is a potential vulnerability in the exchange’s contracts. It has advised all liquidity providers to remove their funds as soon as possible.

The developer has stated that no funds have been lost. However, it has advised liquidity providers (LPs) to remove their funds as a precaution. Only Kyberswap Elastic funds are at risk. Kyberswap Classic smart contracts do not contain the vulnerability, the team said.

In a separate message, the team stated that farming rewards have been temporarily suspended until a new smart contract can be deployed. All rewards earned prior to 18 April 2023, 11pm (GMT+7) have already been dispersed and are unaffected by this pause.

The developer has stated that it will update the community soon with an explanation as to when funds can be safely deposited back into the protocol.

According to its official documents, KyberSwap Elastic is a decentralized exchange (DEX) that allows LPs to provide “concentrated liquidity.” Instead of requiring them to provide liquidity for any price point, it allows them to decide a price ceiling and price floor for the tokens they deposit into the pool.

Related: Binance identifies KyberSwap hack suspects, involves law enforcement

If the price moves below the floor or above the ceiling, LPs no longer receive fees. However, they receive higher fees if the price stays within the range they have set. This is contrast to the DEXs previous incarnation, KyberSwap Classic, which does not allow for concentrated liquidity.

The user interface for Kyberswap was hacked in September, and an attacker got away with $265,000 worth of crypto as a result of it.

Peer-to-peer crypto exchanges struggle to navigate shifting legal landscape

Two major P2P platforms announced their closure in the first quarter of 2023. Many blame it on growing regulatory scrutiny, but experts call for better alternatives.

A peer-to-peer (P2P) cryptocurrency exchange is an online marketplace that connects buyers and sellers of cryptocurrencies like Bitcoin (BTC). The platform enables them to conduct direct business with one another without the need for intermediaries. 

When purchasing cryptocurrency on a P2P exchange, a buyer transfers the agreed-upon amount from their account to the seller. The payment is not made between a consumer and a money services company but between two distinct customers.

P2P exchanges were once the lifeline of the crypto ecosystem, owing to the ease of exchange and privacy features that these platforms offered. However, in 2023, some of these key features have driven them to fall under increased scrutiny from regulators.

On Feb. 9, 2023, Finland-based P2P exchange platform LocalBitcoins announced it was closing after 10 years in service. The platform cited tough market conditions owing to the ongoing crypto winter, along with increasing regulatory pressure and declining market share.

The abrupt closure of one of the oldest P2P Bitcoin trading platforms came within weeks of the United States Financial Crimes Enforcement Network (FinCEN) naming the platform as one of the largest Bitcoin counterparties to the Russian-affiliated exchange Bitzlato.

Bitzlato was the target of a significant enforcement action by U.S. officials who accused the platform of violating of Anti-Money Laundering rules and aiding in the evasion of Russian sanctions.

Another prominent P2P Bitcoin exchange platform Paxful, founded in 2015, suspended operations on April 4. The platform cited the ongoing regulatory environment and staff departures as the reason behind its closure. In a Twitter space, CEO Ray Youssef dwelled more on their decision and said even though American regulators have done a lot of catching up in the past five years, they “still don’t get it. They grow more suspicious every day.”

The ongoing court battle between Artur Schaback and Youssef over the control of the firm was also seen as a prominent reason behind its downfall. According to court filings, the two co-founders are currently at loggerheads over who will manage the business and have made a number of charges against one another. The accusations include, among other things, the theft of corporate finances, money laundering and circumvention of U.S. sanctions on Russia.

In an interview with Cointelegraph, both Schaback and Youssef continued their blame game and pointed fingers at the other person. Youssef claimed his co-founder’s legal tactics “bordered on terrorism” and cost Paxful many employees and directors. On the other hand, Schaback said Youssef took unilateral action to shut down Paxful on April 4, and he had no say in the day-to-day operations of the company for almost 18 months.

Recent: Crypto in Europe: Economist breaks down MiCA and future of stablecoins

Richard Mico, chief legal officer of global on- and off-ramp crypto platform Banxa, told Cointelegraph that the breakdown of relationships between the co-founders resulting in litigation could be one of many reasons behind the downfall of Paxful. He added that the ever-evolving regulatory scrutiny in the U.S. had made it difficult for the decentralized crypto platforms and P2P exchanges to thrive:

“Paxful has faced regulatory scrutiny in the past over claims of money laundering and fraud on its platform. In May of 2021, the New York State Department of Financial Services (NYDFS) ordered Paxful to bolster its KYC/AML processes. It is very possible that Paxful is fearful of future ongoing investigations and remediations,” Micro told Cointelegraph.

He said that, aside from concerns over shifting regulatory requirements, market conditions are driving significant consolidation in space. However, he is hopeful that “more transparent regulation in the U.S. will enable both P2P and other exchanges to flourish in a manner that strikes the appropriate balance between consumer protection and innovation.”

P2P shutdowns impact emerging economies the most

P2P platforms have been instrumental in flourishing crypto adoption especially in developing nations and offering banking services to the unbanked. Paxful was a pioneer of crypto adoption in Nigeria, and its shutdown hit many users in the country hard.

Freelancers often used the platform to convert their wages to and from Bitcoin and make payments to each other, while traders made use of its escrow service to conduct business. As such, the closure has left many of these users in Nigeria wondering about the future of the domestic crypto marketplace.

The Indian government imposed a banking ban on crypto exchanges in 2019 cutting all banking facilities to such exchanges. However, WazirX, one of the early crypto exchanges in India, introduced its P2P platform to ensure people were still able to trade their assets. Indian crypto traders turned to P2P platforms again in 2021 after the government imposed a hefty 30% tax on crypto transactions.

Former WazirX CEO Nischal Shetty seemed more optimistic about the future of P2P platforms, particularly in the developing world. He told Cointelegraph that P2P platforms with proper Know Your Customer protocols “help onboard users, especially in developing countries without banking access, and will continue to exist.”

Nick Saponaro, CEO of decentralized payment platform provider Divi Labs, told Cointelegraph that the closures will be painful for unbanked and underbanked traders, hindering their ability to transact locally and globally.

“Countries like Malawi, where citizens are well-capitalized but have restrictive banking practices that only allow customers to withdraw a few USD daily — P2P exchanges are necessary for those individuals to interact with the global financial infrastructure,” he explained.

Ben Jorgensen, co-founder and CEO of Web3 interoperability platform Constellation Network, told Cointelegraph that the closure of P2P platforms is, unfortunately, a massive blow to developing nations, but most likely, these developing nations will see more and more native P2P exchanges crop up.

The rise of better alternatives to P2P

The declining popularity of P2P platforms and the recent closure of some of the oldest P2P platforms are also attributed to the new availability of better alternatives, as there are now more practical on-ramps that enable users to buy cryptocurrency using their bank accounts and credit cards.

The costs of doing business are also important. For example, exchanges like Coinbase spend millions of dollars just to comply with local regulations. The unbanked communities throughout the world stand to gain the most from P2P exchanges, but given the growing regulatory compliance requirements, it is unlikely that they will produce the volumes required to support them on a large scale.

Saponaro told Cointelegraph that the only way new and existing P2P exchanges will survive is as ancillary services offered by licensed operators:

“For example, Binance has a P2P platform; however, the business model is not profitable enough to be the sole revenue stream in a fully regulated environment.”

Marc Taverner, a founding member of Swiss-regulated crypto and fiat on-ramp platform Xerof, told Cointelegraph that users often switch from P2P platforms to other trusted solutions because they need to minimize counterparty risk. Users are naturally migrating to providers that can address these risks:

“We are seeing increasing demand for trusted, transparent and compliant solutions, and it will be operators with licenses from established and respected jurisdictions who will onboard most of these users. P2P markets will still exist. The long-term question just remains how they will cope with heightened regulatory requirements,” he said.

Recent: Why join a blockchain gaming guild? Fun, profit and create better games

Jorgensen said that P2P platforms will continue to evolve just like decentralized exchanges and explained, “Although DEXs [decentralized exchanges] are technically peer-to-peer exchanges, they are catered more to a trustless state with much better fees. In terms of regulation now and in the foreseeable future, cash-to-crypto and crypto-to-cash will likely end up where most if not all regulation will be enacted. Think about it. It makes sense that when entering and exiting crypto, like when you are entering and exiting stocks in trade, these cash-in and cash-out points are documented […] Ultimately governments want to tax these transactions, and this approach is the least complicated way to do so.”

The shutdown of major P2P platforms in 2023 has become a sign of evolving regulations, especially in the United States. However, experts believe that P2P platforms will still play a key role in developing nations, and these nations will move toward launching their native platforms to overcome the closure of popular global platforms.

Uniswap launches iOS mobile wallet in select countries

The decentralized exchange had previously stated that Apple was not allowing the app to be listed on the App Store.

Decentralized exchange Uniswap has launched a mobile wallet that features built-in support for the exchange, according to an April 13 announcement from the company. The app is available for iOS devices in select countries and can be found in Apple’s App Store.

The Uniswap team complained on March 3 that Apple was blocking the app from its stores. But in this new announcement, the team said that its wallet is “out of Apple jail and now live in most countries.”

Uniswap said the new wallet allows users to swap tokens on the Ethereum, Polygon, Arbitrum and Optimism networks. It can also be connected to any Ethereum app through WalletConnect. Users can back up their accounts by either writing down their seed phrase or encrypting their key vaults with a password and storing them in iCloud.

The Uniswap app also allows users to see detailed information about nonfungible tokens (NFTs) stored within it, including their floor prices and collections.

Related: Uniswap funds DAO incentive improvement project

To make Web3 onboarding easier, several wallet developers have offered mobile apps with built-in decentralized finance (DeFi) functions over the past few years. In 2020, Argent integrated MakerDAO and other DeFi protocols with its wallet app, and 1inch provided similar integrations in 2021.

Uniswap is Ethereum’s largest decentralized crypto exchange, with over $3.4 billion of total value locked inside of its smart contracts, according to its own analytics page.

Cointelegraph reached out to the Uniswap team for a list of countries where the app is available but was unable to get a response by the time of publication.

Web3 economy to gain more traction in Africa through DeFi-based financial inclusion

DeFi-based financial inclusion serves to increase liquidity and earning opportunities for African micro-entrepreneurs through Fonbnk’s partnership with Tanda.

Web3 in Africa began with cryptocurrency, with blockchain technology bringing a lot of transformation regarding transparency and people’s control over their finances. The Web3 economy in Africa continues gaining traction with decentralized finance-based financial inclusion.

Fonbnk, the Web3 on-ramp that allows Africans to obtain cryptocurrency assets by exchanging their airtime credits, has partnered with Tanda, a merchant network platform in East Africa, to launch an airtime trading marketplace across Tanda’s network of agents.

The partnership between Tanda agents and vendors in East Africa can increase liquidity in the marketplace through the buying and selling of prepaid airtime for profit. This, in turn, can create opportunities for agents to earn revenue and also allow them to store their profits in dollarized stablecoins.

The partnership gives African micro-entrepreneurs more earning opportunities, creating a growth flywheel effect through improved liquidity and marketplace efficiency. This cycle builds trust and generates even more liquidity. Moreover, this partnership enables more African users to participate in the Web3 economy — without requiring bank accounts or cards — by using only their airtime credits.

Although Fonbnk operates throughout Africa, its partnership with Tanda is concentrated in East Africa. Fonbnk plans to expand earning opportunities for African micro-entrepreneurs and bring decentralized finance-based financial inclusion to the masses across Africa.

During the first episode of Cointelegraph’s Hashing It Out podcast, the co-founder of Fonbnk identified the rise in crypto adoption as being due to several factors, such as the chance to earn money, inflation, currency devaluation and the ease of doing business on a global scale.

Web3 can open up an intra-African exchange economy, and it can be used for purchases and transportation between African nations thanks to the ability to be used between borders. It will assist Africans in generating more economic value in the wider market.

Related: Bitcoin gaming enters Africa with local crypto exchange partnership

According to BitcoinAfrica.io, the top five African countries whose communities are adopting Web3 and crypto are South Africa, Nigeria, Zimbabwe, Kenya and Ghana. They have the most demand for digital currency and the most active local cryptocurrency communities.

Magazine: Web3 Gamer: Shrapnel wows at GDC, Undead Blocks hot take, Second Trip

Decentralized exchange dYdX announces ’winding down‘ of services for Canadian users

“We hope that the regulatory climate in Canada will change over time to allow us to resume services in the country,” said the exchange.

Cryptocurrency derivatives exchange dYdX has announced it will be restricting Canadian user accounts over the next seven days in a move to exit the market.

In an April 7 blog post, dYdX said it will be “winding down services” in Canada, starting with halting the onboarding of new users located in the country. On April 14, the exchange will move all existing Canadian users to “close-only mode,” allowing them to only withdraw funds.

“DYdX is committed to providing transparency around product decisions and democratizing access to financial opportunity,” said the exchange. “We hope that the regulatory climate in Canada will change over time to allow us to resume services in the country.”

The move followed the Canadian Securities Administrators announcing additional restrictions for crypto exchanges’ registration requirements in the country. The rules required platforms to be “prohibited from permitting Canadian clients to enter into crypto contracts to buy and sell any crypto asset that is itself a security and/or a derivative.”

Related: GMX and dYdX go head-to-head for the top decentralized derivatives position

In September 2022, many dYdX users and those in the crypto space criticized a promotion from the decentralized exchange offering a $25 deposit bonus for confirming someone’s identity using a live webcam image. The exchange later ended the program, citing “overwhelming demand” rather than some of the privacy concerns put forth.

Magazine: Your guide to crypto in Toronto: Crypto City

Uniswap v3 code free to fork as BSL expires

The license expiration marks a significant event within the DeFi ecosystem, enabling developers to deploy their own decentralized exchange.

Developers are now allowed to fork Uniswap v3 protocol as its Business Source License (BSL) expired on April 1, shows protocol documentation. The expiration was a much-anticipated event within the decentralized finance (DeFi) ecosystem, enabling developers to deploy their own decentralized exchange (DEX). 

The BSL license lasts for a limited period before becoming completely open source. The purpose is to protect the author’s right to profit from their creations. Uniswap v3’s license was released in 2021 for two years, preventing its code from commercial use. A new license called a “General Public License” now applies to the protocol.

To fork the code, developers will be required to use an “Additional Use Grant” — a production exemption meant to accommodate both the needs of open-source and commercial developers.

Screenshot: Uniswap V3 core smart contracts repository on GitHub. Source: GitHub

Uniswap is a widely utilized decentralized exchange — considered the biggest automated market maker in DeFi space — providing a platform where token creators, traders and liquidity providers swap tokens. Its native Uniswap (UNI) token is a popular way for investors to gain exposure to the DeFi market.

In May 2021, shortly after being launched, Uniswap v3 surpassed Bitcoin in terms of daily fee generation, Cointelegraph reported. Data from Cryptofees showed that Uniswap v3 was generating $4.5 million in daily fees at that time, while Bitcoin generated $3.7 million.

Uniswap v3 Total Value Locked. Source DefiLlama.

Earlier this month, Unisawp officially went live on the BNB Chain — Binance’s smart contract blockchain — after more than 55 million UNI tokenholders voted in favor of a governance proposal by 0x Plasma Labs to deploy the protocol on the BNB Chain. Through the move, Uniswap users can access BNB Chain’s ecosystem for trading and swapping tokens. The integration also allowed Uniswap to tap into a liquidity pool with BNB Chain’s DeFi developer community.

Magazine: DeFi abandons Ponzi farms for ‘real yield’

European DeFi startups saw a 120% increase in VC funding in 2022: Finance Redefined

The top 100 DeFi tokens had a mixed week, with little changes and a majority of the tokens trading in green.

Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week.

The ongoing downturn in the crypto market hasn’t stopped European venture capital (VC) firms from investing in DeFi projects. A new report revealed that European DeFi startups saw a 120% increase in VC funding last year.

The Euler Finance saga continued to dominate headlines, with the exploiter returning a significant chunk of the $190 million in stolen funds. The exploiter has returned over 58,000 stolen Ether (ETH) in one installment, and another $37 million worth of ETH and Dai (DAI) in the second one.

Traditional banking giant, Citibank, forecasts tokenization will take over traditional finance and predicts that by 2030 trillions in assets could be tokenized.

MakerDAO passed a new constitution to create multiple offices tasked with fulfilling various jobs for the protocol, each with its powers and responsibilities.

The top 100 DeFi tokens had a mixed week and didn’t see many changes from the previous week, with a majority of the tokens trading in green.

European DeFi startups saw 120% increase in VC investment in 2022: Data

2022 was a turbulent year for the crypto space, from an ongoing bear market and high-profile collapses of some of the industry’s most prominent players, like Terra and FTX. Despite the setbacks, venture capital investors continued supporting crypto startups.

According to a new study released by European investment firm RockawayX, VC investment in crypto startups based in Europe reached its all-time high in 2022, with $5.7 billion invested. European decentralized finance startups hit $1.2 billion in 2022 — a 120% increase from the previous year’s investments of $534 million.

Continue reading

Euler Finance exploiter returns over 58,000 stolen Ether

The hacker behind the $196 million exploit on lending protocol Euler Finance has returned most of the stolen assets, according to on-chain data.

In a transaction on March 25, the exploiter returned 51,000 ETH, worth around $88 million at the time of writing. A second transfer of 7,737 ETH was made on the same day, worth over $13 million. Previously, on March 18, the hacker sent 3,000 ETH to the protocol, worth nearly $5.4 million at the time. The exploiter still controls some of the stolen assets. By April 27, the attacker returned another $37.1 million worth of ETH and DAI.

Continue reading

‘Killer use case’: Citi says trillions in assets could be tokenized by 2030

Citibank is betting on the blockchain-based tokenization of real-world assets to become the next “killer use case” in crypto. The firm forecasts the market to reach between $4 trillion and $5 trillion by 2030.

That would mark an 80-fold increase from the current value of real-world assets locked on blockchains, Citibank explained in its “Money, Tokens and Games” March report.

Continue reading

MakerDAO passes new ‘constitution’ to formalize governance process

MakerDAO, the decentralized autonomous organization that governs the DAI stablecoin, has passed a new proposed “constitution” intended to formalize governance processes and help prevent hostile actors from taking over the protocol, according to the official forum page for the proposal.

According to the proposal’s text, a constitution is needed because the Maker protocol “relies on governance decisions by humans and institutions holding MKR tokens,” which can “expose weaknesses and vulnerabilities that can fail the Maker protocol or the loss of user funds.”

Continue reading

DeFi market overview

Analytical data reveals that DeFi’s total market value rose above $50 billion this past week. Data from Cointelegraph Markets Pro and TradingView shows that DeFi’s top 100 tokens by market capitalization had a bullish week, with most of the tokens trading in green, barring a few.

Thanks for reading our summary of this week’s most impactful DeFi developments. Join us next Friday for more stories, insights and education in this dynamically advancing space.

Net losses from crypto theft down sharply in Q1 2023 at $322M: Report

A report from app provider De.Fi showed losses from theft down in Q1 2023 compared with 2022, along with the recovery of funds.

Crypto hackers and scammers made off with $452 million in the first quarter of 2023, according to a report released by antivirus and app provider De.Fi. But that is both good and bad news, as losses were down from $1.3 billion in the first quarter of 2022. The recovery rate was down, too, however.

According to the report, nearly half of the losses this quarter ($215 million) occurred in the first three weeks of March. The Euler Finance and Bonq DAO exploits were the quarter’s loss leaders at $196 million and $120 million, respectively. Due to those exploits, the Ethereum blockchain suffered the highest losses in dollar terms, even though Binance outnumbered it 18 incidents to 10.

The CoinDeal scheme was next, with $45 million exploited, followed by the Monkey Drainer phishing scammers, who came in fourth, with $16.5 million lost.

Related: BitKeep completes compensation for $8M APK exploit, announces rebranding 

In the 49 cases examined in the report, six flash loan attacks accounted for the most significant losses at over $200 million, with Euler Finance representing the bulk of the total. Smart contract exploits were the most common type at 17 incidents. Decentralized finance (DeFi) accounted for only five incidents but suffered the lion’s share of losses at $336 million.

In the first quarter, $130 million was recovered from the exploits. All of that money was recovered in March, with $129 million returned by the Euler Finance hackers. In the first quarter of 2022, $520 million had been returned out of $1.3 billion lost, amounting to 40% of the stolen funds, compared with 28.7% this year.

While DeFi dominated the losses reported, losses on decentralized exchanges and from crypto tokens and nonfungible tokens likely hit retail users as well. Theft is not uncommon for retail users, with scams constantly evolving.

Magazine: US enforcement agencies are turning up the heat on crypto-related crime

Orca DEX to block US users from trading with its interface

The company said U.S. traders would still be able to make swaps by directly interacting with Orca’s smart contracts, however.

The Solana-based decentralized exchange (DEX) Orca will block all United States users from trading using its web interface beginning March 31, according to a March 16 notice posted to its official website. 

The exchange did over $634 million worth of trading volume in February and has over $46 million total value locked in Solana smart contracts, according to DefiLlama.

On March 16, the protocol’s website added a notification that read, “Orca will be adding the United States to the regions and countries which are restricted from trading on orca.so effective March 31, 2023.”

Notice appearing on Orca’s website. Source: Orca

The alert emphasized that the change “will not impact the ability of U.S. users to directly interact with Orca’s smart contract or SDK, nor will it impact their ability to provide liquidity through orca.so.

Americans who directly interact with Orca smart contracts will not be affected by the change, the notice said.

Orca is one of the DEXs used by Jupiter to source liquidity for its swap aggregator service, so Jupiter’s website may be an alternative for traders wanting to interact with Orca smart contracts.

Cointelegraph attempted to contact both Orca and Jupiter but did not receive a response from either by the time of publication.

Centralized crypto exchanges that are not licensed in the U.S. have often blocked American users to avoid the ire of the country’s regulators, but most decentralized exchanges have not followed suit, with a few exceptions. Aggregator 1inch began blocking American users in September 2021, after stating in its terms of use that U.S. residents were not allowed to use its interface. Binance DEX also banned U.S. users in June 2019.

Unlike centralized exchanges, DEXs do not have a centralized “back end” or database controlled by the developer. For this reason, many users have found that they can circumvent geographical bans in most cases by using a VPN to hide their IP address or by connecting directly to the blockchain through a development tool such as Truffle or Hardhat.