CertiK & zk-Sync: $2M Reimbursement Plan for Rugpull Victims

• CertiK and zk-Sync DEX Merlin have developed a plan to reimburse users affected by an exploit that drained almost $2M from the protocol.
• The incident was revealed to be a rug pull carried out by several rogue members of its back-end developer team, who manipulated the protocol’s contracts and web host.
• CertiK conducted an audit of the protocol’s code on Monday before the incident occurred and suggested switching to decentralized mechanisms.

Exploit Drains Funds from Merlin

Merlin’s liquidity pool was drained on Wednesday after its native token sale, where it is believed an attacker exploited the protocol. CertiK, a blockchain security firm, analyzed the event and pointed out that there may have been a private key management issue with Merlin which caused the incident.

Rogue Members Manipulate Protocol

After further research into the exploit, it was discovered that several rogue members of Merlin’s back-end development team were responsible for manipulating the code in order to carry out their goals. This included implementing a call-action function which gave them power over all trading pairs in their liquidity pool.

CertiK Suggests Decentralized Mechanisms

During its audit of Merlin’s code on Monday, CertiK recommended switching to decentralized mechanisms in order to avoid single points of key failure. It has since been announced that CertiK and zk-Sync DEX are working towards a plan to reimburse users affected by this exploit up to $2 million dollars.

Reimbursement Plan Explored

In order to help those affected by this rug pull, CertiK and Merlin are exploring ways for victims of this exploit to be reimbursed up to $2 million dollars in total costs. The details surrounding how these funds will be distributed has yet to be determined but both companies aim for all victims who suffered losses due to this incident will receive compensation for their losses.

Conclusion

    CertiK and zk-Sync DEX Merlin have come together in response to an unfortunate incident involving internal manipulation of their protocols code resulting in stolen funds from users‘ accounts. Both parties are working towards developing a reimbursement plan for those affected up too $ 2 million dollars as well as looking into ways they can improve security measures so such events do not occur again in future systems or protocols they create or manage.