current position:Home>Golden Watch丨Investigation: A developer forged 11 identities How DeFi fraud created a SOL bull market Now targeting Aptos

Golden Watch丨Investigation: A developer forged 11 identities How DeFi fraud created a SOL bull market Now targeting Aptos

2022-08-05 18:23:07Heart of the Metaverse

对于被称为Saint Eclecticof cryptocurrency users,Sunny Aggregatorsomething seems out of place.

SunnyIt was last summer’s rush to the blockchain’s red-hot bull marketSolanaThe latest decentralized financial ( DeFi ) 应用程序,Its native token rose fivefold at the time.到9月初,SunnyLess than two weeks old,But billions of dollars in cryptocurrency flood this yield farm.

尽管如此,SaintAnd the others are still in doubt:SunnyWho is the mastermind behind?why its developers“Surya Khosla”is a pen name?Is its codebase audited?Is the user's cash safe??“没有迹象表明Surya是谁,”SaintRecalled recently,“所以很多用户”put their cryptocurrency in”feel uneasy“.Their suspicions proved prescient.

CoinDesk了解到Surya是谁:Ian Macalinao,Sabre的首席架构师,这是一个建立在Solanastablecoin exchanges on top.反过来,他在Saber之上构建了Sunny Aggregator.

it's just the top of the tower.

from Texas20multi-year-old computer expertIan,伪装成11An alleged independent developer coded,created a huge chainDeFi协议网络,Project billions of dollars of double-counting value toSabre生态系统中.This is temporarily exaggeratedSolana的总锁定价值 (TVL),because the network last year11Month is moving toward the top.DeFiloyalists willTVLConsidered as a barometer of on-chain activity.

“I designed a maximizedSolana TVL的方案:I will build protocols stacked on top of each other,This way a dollar can be counted multiple times,”Ian在CoinDeskReviewed wrote in an unpublished blog post.This post is in3月26prepared for the day,也就是IanOne of the secretly constructed protocolsCashiolost in a hack5200After three days of thousands of dollars.

People close to the matter confirmed the authenticity of the draft.



IanThe strategy worked for a period of time.根据他的统计,Sabre和Sunny在Solana的105亿美元TVL中占了75亿美元.(Billions of dollars double-counted between his two agreements.)

“I believe it contributed toSOLThe sharp rise in price,”Ian在谈到Solanaof native token prices reached188when writing the dollar.

根据数据提供商DeFiLlama的数据,即使Sabre生态系统在2021年9Start to lose momentum in the middle of the month,Solana网络的TVLstill expanding,在11月9Days or so to achieve150亿美元,而Sabre的TVLIt has dropped by then64%.Ian写道,He despised the“虚荣指标”;尽管如此,“以太坊TVL比SolanaMuch more to make me feel”,因为在他看来,以太坊上的DeFi项目——DeFiOne of the biggest chain blocks——也是彼此“堆叠”重复计算的.

“I want to create a system very similar to this,”他写道.一个问题:“If the same team builds each protocol,TVLWould be even more stupid as an indicator.因此,I created more anonymous profiles,”他写道.

Iandisguised as a mask11个人.

在公开场合,Ian和他的兄弟DylanCall their anonymous role“朋友”或“朋友的朋友”.Ianwrote in an unpublished blog,他们的“Ship Capital”Coding Club is working on“我理想的DeFiEcosystem development blueprint”.Sabreand its so-called liquidity providers (LP) Tokens anchor everything.

“If an ecosystem is built by a few people,then it doesn't look real,”IanWrote in his blog post.“I want it to look like a lot of people are building our protocol,instead of posting by one person20Several disjoint program.”

正如Dylan在2021年10月1as the day said,MacalinaosHope other cryptographic protocol has become so dependent Sabre,以至于“Its failure will cause the entire system to crash”.“顺便说一句,这是200 IQ [Sabre Labs]策略,但很少有人明白……”MacalinaoBrother has no comment by press time.



Use pseudonyms to seek asylum is justified.然而,Ian的大规模“匿名者”launched something like“女巫攻击”的东西,Abusing the trust of crypto users.(Sybil attack is when computers in a network use false identities to gain a disproportionate impact on the whole.)

“The reason why I said that,because I will inevitably be discovered,”Ianwrote in his never published blog.

相反,Macalinaos在5月发布了“ Sabre Public Goods ”以在整个Solana传播“Sabre团队”prolific code.Ian的11secret projects in8appear there.Their disclosure is a silence to Anonymous and their masters.Token ImplosionSunny和Cashio也没有出现.


“my anonymous army”

在创建Sunny Aggregator时,Surya Khosla是Ian的绰号.Surya于2021年8月出现在Twitter 上.Sunny怀疑论者Saint Eclectichesitant to put hisLPTokens are deposited into the works of this mysterious figure,This mysterious figure is an AI-generated face.

There is a factor forSurya有利:Ianpuppet claims“In real life is very understanding”Dylan兄弟.去年9月9日,Dylan Macalinaotweet about him“感觉很放心”Put your own cryptocurrency inSunny Aggregator.“We audited their code,”20岁出头的Dylan 说.

Dylon为Suryaprovides win likeSaintSuch sceptics credibility as needed.

问题是,首席开发人员“Surya Khosla”并不存在.Dylan的兄弟Ian建立了Sunny Aggregator.Ian编造了Surya.

这是Ian第一次与Saberflirting with fake identities——And it's far from the last.

Ian在2022年3月写道,他创建了11位“Actually my anonymous founder”.

Ship Capital有很多“朋友”:创建Cashio的0xGhostchain;Goki Rajesh,多重签名钱包Goki 的构建者;From the mining reward aggregatorQuarry的Larry Jarry ;治理平台TribecaDAO的“大师”Swaglioni;Of course fromSabre农场Sunny Aggregator的Surya Khosla .

这些DeFiLego bricks areSabreA gem of an ecosystem.根据Ian的博客,little-known protocolCrate(由kiwipepper运行)、aSOL ( 0xAurelion )、Arrow ( oliver_code ) Traction.Market ( 0xIsaacNewton )、Sencha ( jjmatcha ) 和 Venko App (ayyakovenko) 获得了冠军.He admitted that he created a lot of.


make noise

Ian、DylonAnd the puppet Anonymous is constantly promoting on social mediaShip Capital 的工作.They support peer releases and integrations,praise their brothersthinkfluencer推文,and compliment each other to inspire them inSolana上进行建设.They even spreadIanself-referential meme.Sometimes they get very philosophical.12月29日,多产的Solana开发人员 Armani Ferrante(真人)发推说:“如果你没有犯错,then you are too slow,”五个IanThe puppet responded within four minutes:

“正如@simplyianm喜欢说的……这是一个实验!” 声明@_kiwipepper——“她自己”其中之一.

Others dance around the truth.“团队规模=!成功,”Ian在2021年12月7日发推说.“I will pay immediately @larrinator01 和 @0xGoki 10 times the market price.Not that they need my money……”(Ian的Goki和 LarryRole of cheering).when outsiders question their legitimacy,IanAnonymous would be cheeky.

“i'm not a puppet,”Surya Khosla在11月25day assertion. 1月初,He joked about going to another developer“搞砸自己”,作为在SunnyBuilt on the reward.IanThe creation even tweeted a photo,claiming to have visited in Los AngelesMacalinao兄弟.

不可能知道IanWhether in his anonymousTwittermanipulated them after popping from his workbench.But the two haveShip CapitalPeople who worked with recalled inexplicable behavior of their members.一个角色的TelegramAccount will be in another role online after logging off.无论如何,IanAdmitted in unpublished draft for pulling their leads where it matters most:代码库.

“如果你是一名开发人员,It's easy to find out the open source protocol I wrote:There is always one that only I use‘flake.nix’文件.”CoinDesk证实IanMany of the projects described in the blog contain“flake.nix”文件.



为了了解“The anonymous force”How will the value of the repeated calculation injectionSaber,0xGhostchain的CashioProject offers a compelling point of view.

Cashio的CASH于去年11Month debuts near crypto market peak,被称为“去中心化稳定币”,Its dollar-pegged cryptocurrency is“流动性提供者”代币支持.(LPA Token is a Crypto Asset,持有者“质押”以获得额外收益.DeFiThe protocol issues it to users who lend tokens to keep transactions running smoothly.)

Cashio仅接受Sabre的LP代币作为抵押品.去年11月,这并不奇怪,had more than10亿美元 TVL的“自动化做市商”Sabre是SolanaThe main stablecoin pairs listedDeFi交易场所.(Sabre目前的TVL 为9060万美元.)

Cashio依靠Iancreated by anonymousSabreEcosystem projects to generate revenue.

它首先使用Crate将Sabre LPTokens are packaged to“Tokenized Basket”中,该Crate是Ianunder a pseudonym“ kiwipepper ”构建的.它通过一个名为ArrowThe revenue redirection platform sends these“crates”——IanTo build for it“oliver_code”.最后,Cashio表示,by depositing these deposit derivatives into“Surya 的”Sunny Aggregator以及Ian以“Larry Jarry ”建立的Quarry来赚取收益.profit inflowCashio的金库,由去中心化自治组织 ( DAO ) 管理.

困惑了吗?Cashioof customers are confused.CoinDesk请Cashioof two well-known users explain the complex process of the app;Nor can they.该应用程序的“关于”The page doesn't help much either.

用户关心的是:Cashio的DeFimachines accepted theirSabre LPcoin and spit it outCASH 代币.

It's a lucrative deal.CASH持有者可以将他们的LPSupported stablecoin depositsSunny流动性池,并获得10%-30%的回报.一位交易员表示,如果他们将Sabre LP代币存入Sunny而不是 Cashio,They will only be available5%-10%.It doesn't matter that the same crypto asset is behind both.

这就是DeFiThe logic of currency Lego bricks.

从Sabre到Cashio-to-Crate-to-Arrow-to-Sunny-or-Quarryof duplicate deposit pairsSabre的影响更大.根据Ian的说法,it will obviously1美元的TVL变成了6美元.许多DeFiProject through the propaganda deposits by the userTVL来衡量其价值.

“Only the protocol is constructed separately,TVLto be counted,”Ian写道,and explains why his anonymity protocol appears to be constructed separately.

根据TVL追踪器DeFiLlama的数据,Sabre的存款在2021年9月11日达到41.5亿美元的峰值;其SBRTokens in a few days ago has been achieved90美分.Sunny Aggregator的TVL也在9月11日达到顶峰,达到34亿美元.其SUNNYThe coin had reached the18美分的历史新高.

根据数据提供商CoinGecko的数据,Both coins are currently plummeting99%.Sabre和Sunny的TVLbarely getting better,Because they all fell96%以上.



Cashio于3月23日因5200Collapsed by a $10,000 Hack,这对Ship Capitalis a severe setback.

Iansaid in an unpublished blog,他“working very hard to push people inCashioInvest more in stock”,because he wrote the code for it.for them in the agreement“灾难性”loss apology,The agreement is that he use the alias create with his true identity recognition.In the unpublished postings,Ianpleading with hackers——A slamming American and European tycoon(fat cats)、Self-proclaimed Robin Hood type hacker——“Consider to return money.” The hacker did later refund the hacking victim's request3900万美元中的1400万美元.Ian写道,If the hacker doesn't repay the user in full,“I will do my best to use my personalSabre和SunnyToken repayment to affected individual users.This will not cover the full amount,But that's all I have to offer.” He promised never to cash the unpublished.


“Criticism of the obstacle”

Fake names are common in cryptocurrencies,not in itself evidence of wrongdoing.比特币首次亮相13年后,The creator of the chung's true identity is still unknown.然而,Even after the recent brutal sell-off,BTZAs an encrypted monetary leaders still has4420亿美元的市值.然而,According to an unpublished post,Ian想要“Criticism of the obstacle”:

“I just want to focus on building and creating value in my perception of the best way to do things.Before my idea completely to the market,I don't want to deal with too much criticism,And anonymity is a way to make myself(and the agreements I work on)Simple ways to distance yourself from this.”根据Discord服务器日志,Ian于2020年10month to touchSolanaland,This is not a claim“shipooor”The sporting code for the first time.他的GitHubHistory can be traced back to more than a decade ago,在2017年末的EOS项目中,He first publicized his cryptocurrency contributions.

2021年1月上旬,Ian在Discord for Basis.Cashdiscussed his opinion(事实证明是正确的)Doomed to decouple the stability of the currency of the tokens of economics.在那里,他“痴迷”to build a decentralized currency.Ian的文章说,在此过程中,he tried“build a multi-protocolDeFi生态系统”,但以“criticism and ridicule”and failed.“搬到Solanais a way for me to start over.”



these flocksSaberWho are the anonymous builders of?held last year in Lisbon, PortugalSolana会议上, Ian在一个名为“从零到20亿美元:Sabre如何成为Solana上最大的DeFi应用程序”Solved the problem of group discussions.“we brought some friends,基本上是在Sabrebuild and develop an ecosystem based on,”Ian告诉Sabrelargest venture capital (VC) 支持者Race Capital的Chris McCann.

一个“朋友”的项目是Sunny.另一个来自Ian别名kiwipepperTokenized Basket Production ProtocolCrate.“But that person also has,like many of their friends,”Ian告诉观众.他声称,One of the friends established Cashio,这是一个由Sabre LPToken-backed stablecoin projects,为Sunny Aggregator提供流动性.“we can promote [CASH] 为Sabre提供更多流动性,”he said on stage.

周四,McCann在接受CoinDesksaid in a brief interview,他不知道Ian与Cashio的亲密关系.“He always mentions that someone else created it,but i don't know who the others are,I haven't seen them either.”

IanUnpublished blog revealsCashioThe real background.作为0xGhostchain的编码,Ian赶在Breakpoint之前完成了Sabre LPExamples of supported stablecoins,这是SolanaThe largest developer gathering the ecosystem has ever seen.他写道,Ianhope others imitateCashio.each imitates its pairSabre LPThe protocol that the token depends on will become a liquidity leader,将更多的TVL涌入17 亿美元的Saber.

“This is part of why the code is not safe,it's hitting a deadline,”他在3月26日写道,Previously a hacker deceived with fake collateralCashioUnaudited smart contracts,损失了5200万美元.

Cashio的Discord社区——Passionate users roam here——可能认为CASH代码是安全的.毕竟,Ian在11月23tell them:“I audited it myself”它.他在3月23日,The day the exploit,向加密 Twitterpublished similar articles:“I didn't audit as carefully as I shouldCashio.”

Both andIanWrote in his letter that is not published:“I didn't let anyone else see the code,including auditors.我不应该这样做.”


keep turningAptos?

“Ultimately getting real developers to build projects is always our goal,”Ianwrote in an unpublished blog.

7月23日,The brothers began to pass“DAO加速器计划”Attract external developers to joinSabre.its application form asks:“How will you deal withSabreDeep integration agreement,从而提高Saber的交易量/TVL/资本效率?”

This effort comes as brothers fromSolana转投Aptos之际,This is a budding blockchain——将Sabretransplant with them.A venture capitalist said,许多SolanaDevelopers are following.三位消息人士称,Macalinaosbetting:They are in charge of a family anchored inAptos的VC.他们的VC被称为Protagonist.its old name is“Ship Capital”.

七名SabreEcological system users to tellCoinDesk,they feelMacalinaoBrother abandoned.一些在CASHloss on token(Previous stablecoins go to zero).Others say they are trapped in the encryption of currencySunnyDerivative tokens issued.一位匿名用户BradGarlicBread说,他在Sunny和Sabrelost about300,000 美元——“There are many people worse than me.”

BradGarlicBread说,社区认为IanIs hosting the program,“But no one knows for sure”.he is still trying to causeIan的注意.7月16日,Brad询问Ian是否“可以伪装成Surya一天”以帮助Sunny Aggregatorof investors recover locked tokens.Ian在Sabre Discord中回答问题;He skipsBrad的问题.

其他SUNNYToken holders toIanAsk about future developments in revenue aggregators.Sabre正在迁移到Aptos——Sunny也会这样做吗?他们询问SunnyWhat happened to the lead developer of.

Ian在7月16日说:“主要的Sunny开发者在CashioBurnt out after losing most of her savings in hack.”He said he would“鼓励”This disillusioned developer usesMove重建Sunny,Iansay it's aSolana的RustSafer Coding Language,RustUsed to build multi-million dollar protocols.

一周后,Ian说Sunnydevelopers are tryingMovefeel rejuvenated.“'it feels like an earlySolana一样.'”


copyright notice
author[Heart of the Metaverse],Please bring the original link to reprint, thank you.

Random recommended