Hello there. Can you can you hear me?
Yeah, as I can. Thank you, John. I'll go fam. Good morning. Good afternoon. Good evening. Thank you very much for joining. We'll get started just a second.
Okay, it looks like we have everybody in the speaker sports stacey.
Okay, hi, I'll go fam. Thanks for tuning into this. We are, you know, of course, this is a pretty dark day, a pretty dark week for our ecosystem. Yeah, and, you know, of course, I speak for the entire
I'm not sure if you're going to be able to do that. I'm not sure if you're going to be able to do that. I'm not sure if you're going to be able to do that. I'm not sure if you're going to be able to do that. I'm not sure if you're going to be able to do that. I'm not sure if you're going to be able to do that. I'm not sure if you#
a pretty terrible thing. You know, if you are the hacker and you're lurking out there, I don't know how you sleep at night. I will say I don't know how you look yourself in the mirror every morning and see what you've done. I don't know how you
sleep at all. I know two people that haven't been sleeping very much are Michelle and Pablo. You know, they've been they and their teams, they have a, you know, reasonably small team, I would say they've been working around the clock trying to figure out, you know, what happened. This has
has been, you know, we don't know still what happened. And this has been a very sophisticated operation. So what we are, you know, so just by way of, I guess, managing expectations about whether we'll have some answers about what's going on. We really don't know anything, you know, at this point.
But what we'll do for the flow of this is I think I'm not sure which one, but one of the two founders of Rand Labs will give a bit of a timeline a recap of what happened. We've had some comments about
communications. You know, I do want to say that. And so Fred Estante, who, as you know, is our head of product marketing, he'll go through the communications timeline with you. You know, I will say that right from the beginning, there's an ongoing investigation and we are separate entities. So there was a
You know a limited degree to which the foundation could say something but you know john john woods, you know, of course was out there pretty you know the next day actually trying to give you know information about stuff so about but Fred will will take you through that and you know on communications let me just say personally I think we could have done about
better job on that. I think we did a better job than some folks are giving us credit for, but I do think we could have done a better job on it. And so we'll learn from this. We were limited, you know, someone in what we could do, though, I will say.
And John will come on and he will talk about again the protocol and the measures that you should be taking and just kind of some best practices and also give his take on the timeline as well. I've gotten a lot of DMs.
of very kind DMs. I mean, there's been some, you know, of course, lots of anger out there. A lot of people are hurt. A lot of people are hurt materially. It's a very big deal to lose money and some people have lost a lot of money. It's hard to even imagine, you know, what that
I just want to, you know, end I guess this little intro though by saying I've seen so many instances of of kindness of you guys one to another and support one to another and you know this is we are based on community and it is it's you know heartening in days like this and weeks like this
to see that kind of community coming together and just being supportive and nice to each other. So I did want to just say that as well. So I'm not the technical person, so nobody wants to hear from me on the technical stuff on this. So Pablo, or Michelle, what did I
handed over to you first and then we'll go to Fred and then we'll go to John and then we'll if we have time we'll we'll take some questions from the community as well. Yeah, thank you Stacy. So I think we know given a situation it's best to give a quick overview of what happened. Timeline some details of what have been
doing since then. But essentially, on February 20, two weeks ago, more or less, there were like, I don't recall exactly, but let's say, around 20 addresses drained of their
of their funds and these addresses were particularly big in balance and that was all we knew till then. Victims started reaching out throughout the coming days after that event happened and we started to put the clues together reaching out
to the relevant exchanges including like KuKo and ChangeNow which were the main places where these funds started flowing to alert them of what was going on. We know ChangeNow was able to freeze some funds back then but we kept finding that
understanding what was happening, interviewing the big nives, discussing, but still very in the known, like the main theory was some type of fishing attack. It was, despite that, like the numbers were too big, so it would have had to be some sophisticated fishing attack and we were
We weren't sure about that. But as time passed, we started getting more concerned because we weren't sure but there were more claims to more hacks. We later checked that and we found more wallets that had been hacked at the same time and then that being around 24
addresses that were drained and that's when we decided to kind of start alerting people of what was going on. Also in the middle of that we've had some good contacts with the FBI from previous cases given that we also run the
I will explore API and those logs are usually valuable for authorities. We ended up being able to communicate with the authorities very quickly and providing the logs relevant for them to start investigation, which has been very helpful.
And yeah later, a week after that incident or more or less, sorry if I have the timelines wrong at this point, but there was another incident where another group of addresses got drained or
stolen their balances and these were going for again like the pattern now was like they was going from biggest balances to least balances that's where the biggest alarms starting popping up and that's where we knew this was something bigger than expected that's where
also you'd start seeing more and more alerts around the ecosystem asking users to with rather their funds if they've been using my other wallet as again we had till then not being able to identify the evil gravity or what the root cause of all of these
And throughout all this time, most of the team has been spent working with the authorities, retrieving all the relevant logs needed for the authorities to identify IP addresses and where the flow of funds was going.
similar efforts were addressed to exchanges, coup coin Binance, change now, gate among others and again to be able to alert them of the malicious addresses we also ensured every all main hacker address
So, this is supposed to be in the IWx plurors so that the community can also help alert any movements that are going towards specific directions. So, we could alert exchanges fast enough. So, the later, obviously, March, this Monday,
the attacker had till then been draining funds manually even using my algo to to drain some of these funds by manually going by one by one from in descending order but then on Monday it looks like the attacker was able to find
finally automate this script to drain all everyone's funds or the funds of the accounts the attacker had access to. With still very early we're still analyzing the numbers and tagging all the addresses that are confirmed and potential.
But there's evident patterns on chain that we can use to kind of more or less measure the impact the amount of the impact We estimate around 2,000 to 2,000 to 2,000 to 2,500 accounts have been impacted There's a particular type of
attack that we were not we're having been able to really track we don't have indexes for that but it's just the attack was also re-kying some accounts even like one of my personal accounts was re-kid which had a defy positions and ASA so and discussing with other victims it looks like the there's some
Some Rekid accounts that most likely the pattern is that they had some like many NFTs or different ASAs or LP positions in DeFi. But we don't know still if those Rekid accounts were manual before the script started running. Or if it was also part of the overall automated script because it's hard to find.
enough cases of Rikita accounts to do the right analytics on that front. Other than that, I mean, we understand how bad this has been for the ecosystem. Even ourselves, we've been impacted personally as well.
And we'll continue working tirelessly. So we have, even despite our very small team, unlimited resources to collaborate with everyone needed, right? Continue tracing addresses. One point that is kind of unique to Algran is like,
The ecosystem doesn't have like mixers. It doesn't have a lot of volume on the bridge side. So overall the chain is very hard to for an attacker or a thief to exit the funds or clean those funds which is like towards the advantage of victims.
it's going to be a hard time for the hacker to get out of these assets also. We cannot say much about this but our storeities are optimistic based on the information they have. We still don't know how this is going to be resolved but
Ensuring entities like Chain Analysis also help on the tracing of funds will ensure that exchanges are alerted to freezing any funds that arrived from any of these tagged wallets. Authorities have like optimism about the capacity to find the perpetrator.
That's all we can look forward till now. Also we have Halborn, which is like a leading audit firm, helping us actively since last night in trying to find the root cause of what happened internally. Throughout this step, obviously we have to prioritize.
We've been looking for that vulnerability but while also juggling the balance of alerting our authorities and ensuring the least amount of funds we're able to escape. But hopefully, you know, with the help of Halburn, we'll be able to get to the bottom of this. Yeah, basically the idea is to understand.
what happened, how this was in our infrastructure, if it was the case or if it's a vulnerability. So understand the second one's happened, for us is the priority we are opening everything to the investigators.
So we gave the FBI, the Singapore police. We are giving them all the logs to make the enforcement easier. So our idea is to open everything. So anyone can
any any investigator can research and understand what happens. So that is our top priority now a part of the enforcement that we are working all the time when we see any movement of the attacker we are
or modify the exchanges or whatever need to be notified. Unfortunately, sometimes, John Moa as fast as we are moving, but our top priority is there and then to find the root cause of this.
So we understand really the anger. We are also losing the lot here. And yeah, it's a really the unfortunately this industry.
It hurts a lot with these kind of insians. And it's a tough moment. Really, they kind of happen in this industry. And we are. Yeah. This is like the worst phase of this technology.
We spent three years working tirelessly for Algrang without looking up for any upside or anything like that other than just contributing to the ecosystem. It's very hard for us and the team to be in this position seeing what has happened to the ecosystem.
Yeah, I think that goes without saying. I mean, we know your sincerity and we know that you're trying to figure this out. And we have also, we talked about the investigation and John will say a little bit more about it.
But of course, that's going to be our very top priority right now. And we've just hired a whole-burned and also a channelist to do some work to figure this out. So, yeah. Fred, do you want to go next or John?
Thank you. I'll see you all next. Okay, great. Fantastic. Thank you, Stacey. Thank you, Michelle, for the very detailed timeline. So I guess I just share a few quick words in the sense that to begin with, John was appointed internally as the spokesperson for Darwin Foundation, given this was a tech vulnerability issue and John, just the chief technology officer of Darwin Foundation.
John Earlyon shared a lot of information. He amplified when labs and my August communications shared personal thoughts and also you know just led basically the communication efforts such as the research performed by one of our community members led by one of our community members D13. We first turned all of our eyes and I think
to the protocol and evolved our own ink and relevant parties to make sure that the protocol and the agron SDK were not compromised. We did a lot of very deep technical electrical research there to prove that in fact the protocol itself was not compromised. Then we started working very closely with all evolved parties giving full technological and operational support
to the investigation. When my algorithm decided to alert users to move funds, we amplified that and this happened on February 27th, so John went on to amplify this announcement and also share his thoughts and how people can do that. Moving forward, we quickly, you know, went to text, ramped up basically early
This week we were very quick to respond to the community on social channels website. We also did a million lists of last 200,000 of emails. We have an on database with a clear, you know, call to action for the our community and also with specific guidelines on how to either be key their current account to new accounts that can be created in one of the
other wallets in the ecosystem or also just directly move all the funds to new accounts. And as recently as yesterday, we announced the engagement of how board and channel analysis to bring them into the ongoing investigation, which I believe John can speak with a little more depth to the actual involvement in the investigation moving forward.
John Hey, yeah, hey everybody can you hear me okay? By the way because sometimes my phone is funny. Yeah, okay cool Yeah, I mean look it's this is awful stuff I Think you're looking back on it over the last kind of a few days. I think it's been wonderful how I
How much the community have come together to support? I just want to shout out to folks like Dieter thing, Dieter thing collective who really been pushing forward 100% Yeah, yeah me too Yeah, and you know what's a testament to what we're trying to do here, right? I mean, I don't want to get philosophical about it, but like it's a shit situation
and everyone pulled together, even people who weren't personally impacted financially, just to try and make sure that we were all working together, putting out good information and reducing the noise. So yeah, I just want to say, you know, the community did more than I did. I was just part of it, but just want to say I appreciate all the help
and you folks know who you are, who I've been talking to. And so you guys know I've held a few calls, I've talked to most of you, I want to warn about this. Obviously we still don't know the fundamental root cause, but we've hired professional firms now who are going to go in and try to
find out exactly what happened. I worked a long time in computer security and there's just so many different avenues for exploits and vulnerabilities and zero-day attacks and DNS poisoning and key exfiltration. It's a smorgasbord of different vulnerabilities.
which is why I guess at the very beginning my chief instinct was to check that it wasn't a problem with the protocol and with consensus. And of course we did that by verifying that the transactions that were exfiltrating the funds or taking the funds had valid signatures we pulled out the order
and s values of the elliptic herb signatures, we checked that the V or F was functioning correctly, that the consensus algorithm was functioning correctly and that the transactions were technically valid, okay, even if they're illegal. And so, yeah, so obviously it's not the protocol, but that then leaves
of course key bias and we checked the entropy of the keys. The randomness quality, I should say, rather than the entropy of the keys, didn't see anything there. Now we're now down to looking for zero-day vulnerabilities, vulnerabilities in the website and other things.
like that. So we'll get there, we'll get to a place where we figure this all out. And you know, you guys will know I did a video the other night, it went down pretty well. I think I got a lot of views and folks seem to appreciate it. Talking about how this stuff works mathematically in a simple way and also the various types of wallets that you can have.
and how they work and the difference in how they're architected. So I'll be doing more of that stuff. I'm going to be doing a lot more live stuff, trying to educate people and bring people up to speed on the latest and greatest ways to do things. And so people understand what the technology that they're using. And yeah, I'll just finish with saying that
I will be doing, I'll do a live stream as well when we figure this out when Halborn and Chan, well, Chan-Olsis are helping to freeze the funds that have been stolen, but when Halborn hopefully figure out with the MyAgo team, exactly what went down, I'll do a live stream and talk through it and explain it to everyone. Yeah, I hope that helps.
Okay, so do we want to take Fred maybe I'll have you moderate if we want to have a bit more of an open open discussion. Absolutely, wherever to have some requests from the community, so start bringing people to the speaker board so they can share their questions.
I think maybe what we'll do is we'll gather a few together in case there are a lot of them and then we'll kind of, we'll group them together and answer a few at one time.
Sounds like a plan. Well, we already have D13 in the speaker board and joining him are Elder and the Guard Protocol account, which were the first three requests.
So maybe the 13 we can start with you.
I don't have a specific question. I just wanted to make a comment that I am I was very happy to see Halborn come on board and the basically what I'm perceiving is the full way to the foundation behind this investigation.
It's not really just about liability and it's not as good as it was so long but it is clear something that is impacting the ecosystem. And seeing you guys take this seriously and full force is yeah, more than that. So thank you.
Thank you very much, I believe in behalf of the entire community and our team, I truly think and appreciate all of your efforts and all the time you're putting to help us from the get go of this incident to try to gather information, gather data, share the news with the community.
So we truly appreciate our ongoing support in this matter. Thank you. There is maybe one question that's been asked a couple of times, which regards the licensing of my algorithm if it is intended to open source it.
Okay, let's collect that. I will write that down and then let's just get a couple of a couple of questions together Sounds good. Well the next person to request a big speaker board was elder and then we move on to guard so elder Yeah, hi all obviously very unfortunate for you know and I
I feel sorry for everyone that actually suffered through this attack. It is a bit disturbing, I have to admit, looking at Twitter and a lot of people attacking Al-Gram Foundation and individuals which I don't think is fair. I mean, remember this is decentralized.
ecosystem and there are certain risks that convert it. I mean the fact that the Algorithm Foundation is extending their help and bringing in and I'm assuming paying for Holborn and Chenialysis speaks the volume. So you know just you know do think about you know things and especially
When you tweet in anger and don't get me wrong, you know, I've been in this ecosystem for a long time and I'm underwater probably more than you know multiples of you and you don't hear me screaming So I just want to say you know it you know
not doing yourself any favor by screaming and trying to either play victims or blame other people that are quite frankly not responsible here. Let the investigation run the course and then let's see where we are at the end of it. That's all I have to say.
Okay, thanks Elder for that and I guess who's guard. Guys, you guys are next. Hey everyone, this is Riley from guard. You know, appreciate whoever was in our space and mentioned that this was starting up right after. So I guess a little plug are you know weekly Twitter space. That's why
Wednesdays at one Eastern, we talk about this kind of stuff all the time. And the first thing I want to say is that I want to just give my personal condolences to everyone who's been affected by all of this. Lots of different people have been affected in one or many different ways.
I think it's really hard to measure people's losses. I know that Alder said that you were affected. There's people who have been here for years, whether as a community member, whether as a believer, a builder. There's so many really great people who have been contributing to Algrant.
And, you know, I want to agree and say that, you know, this hack is not the fault of the foundation, right? It's not the fault of the foundation. And the good news is that it seems, you know, all evidence points to the fact that, you know, the base protocol is safe, right? One of my questions was about open source.
sounds like that's already been asked, so appreciate that. Who already brought that up. But really another one of my questions, though, is again, 100% agree, not the foundation's fault that there is a hack. And my sympathy goes out to everyone who has been affected by this, which really is the whole Algrang community, right? This is
one of the biggest exploits, if not the biggest of this variety ever, and you know it happened during a bear market. So it's quite serious and I know a lot of different people are going to need some time to recover from it, right? But the real question I have is why
Did both ran labs in the foundation really not raise the alarm sooner, right? You know again things happen right We all know that right. I mean, it's like as everyone said this is Bleeding edge technology very out there field but you know the I'm not sure why the
alarm bells didn't go off sooner. I'm not sure why people who came out were, you know, I feel like it's a silly word to use, but it fits why these people were all gassed lit publicly. And, you know, if there's, again, the people who are affected
evidence was from behind the scenes. And if the foundation thinks it was a mistake and if for Ann Labs thinks it was a mistake that they didn't act sooner to tell people to make a change. So maybe I can speak to that from a technical angle.
Sorry Stacy, do you want to speak first? No, I think we had one more question though from Fred and we'll just we'll gather all four together and then we'll answer. Thanks. So we're also going to be able to take a question from Jesse. So Jesse, please share a question and then we start responding to an answer. Thank you. Hi, thanks.
I understand that we now have professional organizations becoming involved in the investigation and we'll probably get a great post-mortem out of it. But to this date, has there been any interviewing of anybody that is a
verified victim and if so are there any commonalities or parallels that have been drawn like browser or OS version in patch level or the date the seed phrase was created or imported or anything of that nature.
Okay, thanks. That's a very good question that John has with together with the community spent a lot of time on. So let me just summarize. So my Algo open source, wholeborn. Thanks for those words, Elder. Yes, the foundation is paying for
I don't know if you can see the professional services to come in, but I do want to say that ran labs went out and sourced them and talked to a bunch of different ones and selected and did a lot of, you know, they did a lot of heavy lifting in terms of what would be the best, you know, what would be the best firm to do it.
didn't come out earlier. I am going, you know, gas lit is a very serious accusation to level at somebody. Gas lit means that you deliberately hide or obfuscate the truth in order to make a victim think that, you know, they've gone crazy or something has happened that was not true. So I'm I'm going to
object to your characterization of us doing that. But we'll talk about the communications again. And then the last is the commonality around that. And so, John, why don't we kick off with you? Because I think some of these apply to you and then we'll go to Michelle or Pablo as well. Yeah, look, I'll keep it really quick.
the notion of raising the alarm and sounding the sirens earlier, it's just not the way things are done in computer security. I've worked professionally in computer security both on Cardano, Ethereum and indeed Algarand, but also, prior to this, I led Cloud Security at a major American firm. When you have a situation,
You have to apply kind of a kind of a professional triage to it. And so you have to apply Occam's Razor, you've got to take things, you can't jump to conclusions. And so when at the beginning when we had a handful, 10, 15 high value accounts that were compromised, without the what was it today's
which is the huge compromise of thousands of accounts. Of course, when you have thousands of accounts that are compromised in a single day, that's a totally different thing. In the early stages, it looked like a spear fishing attack against high-value, prominent individuals in the community. You have to, just like in medicine, you have to basically treat the symptoms that you
see at that point. And so that's the reason we didn't go out and try to start a panic with people using myago because it wouldn't be appropriate. Because if it did turn out that it was a high-value spearfishing attack, which happens by the way all the time in many different contexts and many different industries, we would have caused mayhem to the average retail user. And so you can't jump to
sound in the alarm and that's just the reality of it. I know looking back now, now that it's escalated to the point that it has, one might say, well that would have been useful, but in reality, nine times at a time, it's not the right action. Right, well I don't think that that's fair though. I can really... We'll let people just...
continue answering the questions now. So thanks. All right. All right. Well, I'll say is that look for the most simple solution. I don't agree that that's the most simple solution. But anyway, I'll just meet myself. OK. And then for the question around the characteristics and patterns, absolutely, that was one of the key drivers in the early days.
So with the help of the community, really driven again by Dieter Thin, who basically formulated about 48 different questions from, as you said, what version of Mac OS are they on? What's the kernel version of Linux? When's the last time they used the seed? It was quite literally 48 characteristics, and we surveyed a whole bunch of different people from the community who were affected.
And there wasn't really a very obvious trend in the data except for all users were using single sig my algo wallets that were interacted with the web interface. And that was the only real characteristic. No one was using hardware, no one was using multi sig, but outside of that,
There was no correlation or pattern in the data. Yeah, and go ahead. Yeah, it's a there is a correlation about a crumb, but it's 95% of our users were from crumb. So it's a
it's difficult to and to say that it's just Chrome. So that's the only correlation because we saw Windows operating systems with macOS and even mobile. So it's a difficult, we didn't find a partner. I will answer also on the
why we delay, we did, it's initially we didn't know exactly what was the electric term as John says but as soon as we understood that this was more a bigger
thing we communicate by Twitter that we strongly advise all users to withdraw any funds from the money world. So as soon as we understood the impact we did it and we didn't expect to speculate about that. So
The problem is that sometimes you don't know exactly what is happening and that was the case initially. But it's a that's something that you cannot say everything is broken if you don't know.
Sometimes you can prevent something but then what happened after will give you the if you were okay or not, but it was very difficult at the beginning to understand the whole
impact of the attack but as soon as we saw new attacks we took the advice to withdraw the funds or breaking so that was our position. Then on the open source we were talking about
open sourcing with the foundation before this, the wallet, but to open sourcing a code or a software, it takes a lot of time because you need to document, you need to prepare the code to open sourcing. Otherwise, you give the code
to attack it. So it's a preparation. Now it's a different story and it's a possibility which also allows us all that possibility. Also Eldar, if you want to access the repo, we can also
I give you access directly if you want to. D13, did you want to say one more thing? Before I wrap up. Yes, I started to start it out here. Sorry for interrupting. I just want to make myself clear here. It's, you know, I was not affected by the hack or
scam, whatever you want to call it. I was referring to the fact, which is something that should be openly said, because what has happened, the value of the overall market value of Algrant has gone down 100 million. So that was what I was referring to when I
But anyway, I appreciate the offer is not needed. I managed to rekey in time. And I have to say here, no thanks to the earlier alert from the Randlab or Algram Foundation, but it just happened that I followed one of the members who was highly recommending this
on Twitter. So it was really sheer luck rather than anything else. Okay, Deeper team, did you have one more comment before I wrap up as well? Sure, I'll keep it brief then. To provide a little bit more context and background on the first question
about why there was no earlier warning. Why? I mean, there is an uncertainty in approaching these kinds of things. And when we initially only identified 10 wallets on chain, and we could only reach a single person for the first day to conduct an interview, you can't raise the alarm there.
It took several days almost the entire week to get even enough critical mass to have enough answers to be able to have a semi statistically significant sampling to say it isn't iOS for instance, which had a vulnerability just six days ago Apple had patched a remote code execution
vulnerability on Safari and Mac OS specifically. You can't say it wasn't that. In fact it was one of my recommendations initially just to be safe. Guys upgrade your OS Mac iPhone and so on. There are so many vectors to consider that to be sure to have enough reasonable
as a written on my report to recommend as a precaution to Riki, you have to basically eliminate almost everything else. And it was, it's quite a lot to eliminate everything else and to get to, yeah, it might actually be a problem with there and we need to keep people safe.
That is exactly the right. Yeah. Yeah. Well, one thing, I read in two years that someone told me that it doesn't agree with me about that we were able to choose something else. And he's saying that we should
like to stop the transactions and we can stop we can stop the transactions. We could have stopped the transactions on the first attack that was using my alias but the attacker could just import the wallet in the script and use it from
script and it's a blockchain. We cannot stop. That's the idea and that's what a censorship resistant means that we cannot stop even the attackers.
Yeah, and one last thing before we wrap up is that regarding the patterns, we find many patterns, but like we focus mainly on big things that had very few interactions with the blockchain because those were like the cleanest examples to interview and find out, but now
Now there's also we would like to invite the community who ever is listening here. Now it's also interesting to know, like those that had some material amount of funds but the hacker took every even like to balance this as low as one algo but like whoever had like never
monic wallets in my elbow that had some type of balance and were not impacted by this it would be good if you can reach out to any of us in this goal or in this space to just see what pattern you had in your behavior and that could also help in the investigation.
Yeah, okay. All right. Thanks, guys. What I Sorry to interrupt there is a really important thing to note is that there are still assets at risk. We do not know if this is all of it. Please if you still
have or if you know someone who has a mnemonic phrase that still has ASAs or NFTs or AppState position in DeFi or anything, go secure your funds. We do not know if there's more. It's been a three-stage attack so far.
Yeah, we're seeing and we're seeing compromised keys that are like had algos is a drain, but they there are there are accounts that had their algos drain, but they still have assets like Take a look at that in particular the the language
last attack that was massive about Algos, but the attacker left USDCs in the accounts. So if you are one of those, please secure those assets as soon as possible. And if someone is
able to transact for their ASAs if you send them 0.1 algo that is 2 USD cents to you and it's going to be 100 transactions to them. Do it. All right, I love the warnings and will of course continue to post and repost the same things about
about how reporting and also making sure that your funds are safe. I think everything that we said about the communications and the uncertainty and the risk of doing things if you're not sure is all true.
I do think, though, and I only, I mean, I'm mostly speaking for me personally, I do think we could have done a better job at the foundation, though, in amplifying. It's a little heartbreaking when somebody like Elder says that he found out by chance. We tend to be a little Twitter reliant, right?
tweets. And so, you know, and this is completely on me, right? They he tweets and I'm like, okay, we're out there. He's our CTO. He's a spokesman. We're out there. Surely they know. But then we had a newsletter or our grand newsletter went out and we didn't mention it in the newsletter. Like that's just ridiculous, right? We should have had
a formal statement when we were ready, not before we were ready and it's true that we couldn't have done and we were constrained also by the investigation, but we came out with the email communication today, right? That's too late. So there's just no sense in which I am saying that we get a gold star for this.
So, you know, we're going to, we learn from this and we're going to, you know, make sure that we're better going forward and we were, you know, a bit shocked and scrambling and head scratching like everybody else was, but we absolutely could have done a better job. And then I personally, this is a very, you know, crypto is a pretty personal thing. And so I think it was also an error
on my part to say, you know, John's the CTO and John's going to be the Facebook, which is of course how it should be, but I also should have personally been out there before I was just letting folks know that I know what's going on and I'm following it and minute by minute and etc. etc. and I care. I kind of feel like it's obvious how much I
care, but it's not obvious, right? So, and then we've had a number of ideas and do keep sending us ideas. One of the things that has been that I've heard a number of times through DMs and other forum of how I have I speak to folks is
that people, you know, we told, we said rekey, but people when they understood, they, governors, move their algo out of their myago wallet and that makes you ineligible for, you know, to participate to vote for this governance period. And so we, I
can't tell you how complicated this is. I mean it's ridiculously complicated and we're not 100% sure that we can do this but we are trying and there's an internal Slack channel that's like a mile long now about the best way and to what extent this is possible but we are very very closely looking at how
we can make sure that you're still counted as a governor in this period, even if you move your funds out of your myel go wallet. So I think my cryptographers might kill me if I promise 100% that we can do this but we are really looking hard at how to get that done. And also
If you have thoughts about how to not give governance rewards to the hacker, of course, but also to make that happen like technical ideas around that, you guys are very smart community and we are super open to we would love ideas there. So that's our in addition to like the the investigation. That's our number one task.
that the foundation right now is figuring out how to identify those folks that didn't re-key but that move their algo someplace safe and how to make sure that they, if possible, can keep participating in this governance period. So in conclusion, I guess I'll just say that we'll
And we'll keep engaging and we'll keep you, we'll keep you apprised of what's going on. And yeah, we're just, we're just, you know, we're very sorry that this is happening to us. Okay, thanks so much everybody.
Sorry, can I just ask one more question? Obviously Coinbase is not allowing for Algo to go into towards them at this point at least. My worry is here that, and I don't know if contact has been made there or not, but considering that 50% of the volume
on centralized exchanges when it comes to algo happens with them that the attacker will try to dump algo there. Has there be communication with them with regards to that to prevent that and to stop you know this addresses and ultimately him or whoever it is, cashing out.
I can maybe take that one Stacy because I'm in on the front line with it. Yes, so we see that the attacker really is using non-kyc exchanges where they don't have to have their name, their home, their utility bills registered. That's Kucoin change now, everyone knows these non-kyc
So we are talking to their management teams, literally one to one in telegram, they're aware, they get fed all of the accounts, they're freezing the accounts where possible and waiting for law enforcement reports so that they can take action. Separate to that, we recognized that for decentralized exchanges we needed to make sure that we had something that we could do.
more formal in place. So we engaged chain analysis, we already had a relationship with them, but they are now and have been for the last number of hours working actively on this and are aware of all of the accounts that are involved. And so they've been sending those for exchanges that integrate with chain analysis of which I believe Coinbase is one.
They now have automated reports to basically block and freeze assets that are sent in from those sanctioned accounts. So yes, is the answer basically. In a nutshell. Great. Thank you. OK. Thanks, everybody. Thank you. Cheers. Thank you. Bye-bye.