Where are my staked tokens before the hack

What happened to my tokens I had STAKED before the “hack” Alex ?
I had XCN and UNI staked.

…and, they are listed in my Coinbase Wallet as rewards

staked or supplied ?

staking has not been affected sir

Supplied

Same here, I’m still waiting for my XCN tokens missing from V1 supplying. Any ideas???

supplied means its not staked :slight_smile: hope it will refunded soon

Hi,

The hacker stole all the supplied value.
Staked XCN are safe.

1 Like

And, when will this foundation return my stolen supplied funds to me? I expect they will be returned in full. It’s only proper and ethical

1 Like

Hey,

Onyx is a decentralized system on smart contracts. It’s not a bank. Each user takes the responsibility, same as in other protocols.

Nevertheless, Onyx proposed a reimbursement plan Onyx v1 Reimbursement Plan. (Updated 2024–03–04) | by Alex Onyx | Mar, 2024 | OnyxProtocol according to the accepted by community proposal.

Excuse me. In other protocols, they are the ones who have shown diligence in taking responsibility. This is a smart contract platform, not a smart ass contract platform. You know what’s interesting, for several weeks AFTER the ‘purported’ hack took place, my funds were still safe. And, I tested to see if I could withdraw. Yes, I could have. There was also a process to convert to V2 as was explained. It’s funny how ONYX had no control over the situation weeks afterwards when they converted to V2. It was only then when everyone’s funds disappeared. Isn’t that right Alex? I have several family members who work in law enforcement, including doing undercover work as well as FBI. I guarantee you who the number one suspect would be to them: You
Just saying

Hey,

  • The hack is not ‘purported’
  • The hacker’s transactions depleted all the coins in the protocol, except XCN
    Ethereum Transaction Hash (Txhash) Details | Etherscan
    Ethereum Transaction Hash (Txhash) Details | Etherscan
  • As XCN and other coins used as collateral, XCN were affected too
  • In the app, all supplied coins, and XCN were still shown as “available”
  • Technically, users still could withdraw supplied tokens and borrow, but only after some other user supply after the hack. That’s why Onyx warned the app not to use it with a popup at the app start. You indeed could withdraw in such case.
  • In the v2, all the supply contracts changed, including XCN, because previous ones were affected
  • The FBI didn’t help with tracking the hacker
1 Like

So if the DAO would supply XCN from treasury, supplied tokens could be withdrawn?

Is the hack reported to the authorities?

Hi,

Yes, I believe if DAO supply from the Treasury, supplied tokens could be withdrawn. But it’s not the safe way, as v1 may be still vulnerable. Yes, when we cooperate with security companies about the incident, they use different channels for investigation, including authorities.

Can you give more information on this, like which security companies and case numbers?

I don’t have case numbers.
One of the companies is Hexagate, they were among first who reported about the hack. They helped us to send messages to the hacker’s wallet asking for returning funds for a bounty.
Also, we collaborated with Certik, who certified the Onyx contracts.
We also had private security consultants.

I read the exploit happened because of a known bug. Is that correct?

Those private security consultants, they came in before of after the exploit?

Yes, as a security company explained,
It was the Compound issue Hundred Finance Exploit and Compound v2 - Compound Community Forum, that become known after Certik reviewed Onyx smart contracts.

All they came after the hack and collaborated with Onyx developers.