Halt rewards to NZDS/USDC LP on Polygon

Overview / Summary

The purpose of this proposal is to address a potential issue that could cause problems with the existing NZDS/USDC LP via Polygon.

After the exploitation, many of the tokens were able to be frozen and or recovered. However, NZDS was the only one that was unable to be frozen because the ‘attacker’ had already sent them to Polygons bridge. Since those tokens are on a separate contract, they are unable to be frozen like they could have been if they would have just stayed ETH native.

Since these tokens are still out in the ‘wild’ per say, my suggestion would be to halt rewards to the NZDS/USDC LP on Polygon, (for the time being). The protocol cant risk this individual being able to provide/swap NZDS to/from this LP.

The attackers wallet holds 820,042.86 NZDS which is worth approximately $455,067 USD and can be found at this link → NZD Stablecoin (PoS) (NZDS) Token Tracker | PolygonScan

At the current moment, no rewards are being issued out from the protocol. However, the relaunch is coming up within the month. So, the protocol needs to iron this issue out before the relaunch in order to not only properly distribute the LP rewards for normal operations but most importantly for taking every step possible to make sure the users in the liquidity pools are safe and secure.

This is one of those steps that should/needs to be addressed.

Pros:
  • Stops the attacker from being able to swap out NZDS for USDC using DFX pools.
  • Maintains the integrity of the LP reward distribution.
  • Users can safely know that the protocol is taking all measures possible.

Cons:
  • The Polygon NZDS/USDC LP will not be receiving rewards until the issue can be resolved on the Techemynt side.
  • For
  • Against

0 voters

" The attackers wallet holds 820,042.86 NZDS which is worth approximately $455,067 USD"

It’s more than 520k USD right now, 1 NZD = 0.64 USD

Otherwise why only remove the rewards? in my opinion the pool should simply not be reopened until the situation is resolved.

And not only on Polygon but on Ethereum too, unless you think you can monitor the Polygon bridge and stop the pool in time.

yes, exactly this! Make no sense to open a pool at all, since uninformed people might still provide liquidity to the pool!

Just to be clear, creating a pool and not creating a pool makes no difference. Anyone can make a pool as it is permissionless. What differentiates a pool is if they get DFX incentives or not.

1 Like

Security and safety is everything

1 Like