Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesBotsEarnCopy
SIR.trading founder pleads for return of $255K after $355K hack

SIR.trading founder pleads for return of $255K after $355K hack

GrafaGrafa2025/04/01 09:50
By:Mahathir Bayena

SIR.trading, an Ethereum-based (CRYPTO:ETH) decentralised finance (DeFi) protocol, suffered a catastrophic hack on March 30, 2025, losing its entire total value locked (TVL) of $355,000.

The attack exploited a vulnerability in the protocol’s Vault contract, leveraging Ethereum's transient storage feature introduced in the Dencun upgrade.

The hacker manipulated a callback function to replace the legitimate Uniswap (CRYPTO:UNI) pool address with one under their control, repeatedly draining funds until the vault was empty.

The stolen funds were traced to Railgun (CRYPTO:RAIL), an Ethereum privacy solution, but the hacker remains unresponsive.

In an emotional on-chain message, SIR.trading’s pseudonymous founder, Xatarrer, pleaded for the return of $255,000—approximately 70% of the stolen funds—offering the hacker $100,000 as compensation for discovering the vulnerability.

“Keep $100k as a fair share for your critical bug find and return the remaining. No legal games, no drama,” Xatarrer wrote.

He emphasised that without the return of these funds, "there is no chance for us to survive."

Xatarrer revealed that SIR.trading was developed over four years with $70,000 in personal investments and contributions from supporters, without venture capital backing.

The protocol had grown organically to $400,000 TVL without advertising.

Despite the setback, Xatarrer expressed a commitment to rebuilding and assured affected users that they would not be forgotten.

Blockchain security firms TenArmorAlert and Decurity flagged the attack as one of the first real-world exploits targeting Ethereum's transient storage feature.

This feature allows temporary data storage with lower gas fees but has raised concerns about security vulnerabilities.

Experts described the attack as “clever” and warned developers to strengthen safeguards against similar exploits.

SIR.trading’s documentation had previously cautioned users about potential risks in its smart contracts despite undergoing audits.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!