The Hedera network has stopped all access to its wallet and app as it investigates technical irregularities, which could be due to a possible exploit in its smart contracts.
As a result of this action, SaucerSwap, a decentralized exchange (DEX) on the Hedera Network, has encouraged its users to withdraw their liquidity from the platform.
Wallet And App Access Blocked
The Hedera Network has announced that it will turn off all network proxies on its mainnet as it investigates irregularities discovered in its smart contracts. This means that users cannot access or use wallets, decentralized exchanges, decentralized applications, and centralized exchanges on the network. The team at Hedera stated that despite recent developments, the mainnet would continue to remain operational and is reaching consensus on new blocks.
However, the network remains inaccessible to most users. Hedera has stated that access and proxies will be re-enabled once the issues have been resolved.
Reason For Decision
Hedera stated that the action was necessary and it was taking it in “an abundance of caution for users.” However, the project has not disclosed whether any funds have been compromised or stolen. Hedera has come under significant flak from its community, which has now begun questioning the project’s commitment to complete decentralization. They pointed out that Hedera’s leveraging of proxies indicated that only a few parties exercise control over the network rather than an entire community.
Hedera maintained complete control of the proxies at the time of their launch. However, it had stated that it planned to give control to council members at a later date.
A Possible Exploit?
Hedera stated on the 9th of March that the problem was due to the smart contract issues it was facing. As a result, popular bridge service Hashport also paused its services in a bid to contain the issue. Hedera has, so far, given very little information relating to the exact nature of the problem. However, independent blockchain researcher Ignas tweeted that an ongoing exploit was hitting Hedera and that all decentralized applications using the Hedera Token Service (HTS) were impacted.
“There’s an ongoing exploit hitting Hedera. All Hedera dApps using Hedera Token Service (HTS), like LP tokens or wrapped tokens, are affected. The exploit is targeting the decompiling process in smart contracts. Advice: “Get your funds out now.”
Ignas further elaborated that the issue was related to the decompiling processes of smart contracts and was specifically impacting the Hedera Token Service (HTS). This meant that wrapped tokens and liquidity provider tokens were also impacted. The source of information, according to Ignas, was the CEO of Pangolin Exchange, Justin Trollip. According to Trollip, several Hedera projects, such as SaucerSwap, Heliswap, and Pangolin, were also at risk.
As a result, SaucerSwap Labs advised users to withdraw liquidity immediately due to the ongoing exploit.
“An ongoing exploit hit the Hedera network this morning. The exploit is targeting the decompiling process in smart contracts. At the time of writing, attackers have hit Pangolin and HeliSwap pools containing wrapped assets. We are unsure if other HTS tokens are at risk too. There have been no reports of SaucerSwap users getting funds stolen yet, but as a precaution, we would encourage everyone to withdraw liquidity immediately.”
It further added that it was in touch with other decentralized exchanges on the Hedera Network and exploring ways to mitigate any risk.
“We are actively investigating and are in talks with the other dexes on the network and trying to look for ways to mitigate the vulnerability.”
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.