July 31st, 2023
AI. In July 2023, the platform experienced a rug pull in which the project team drained an estimated $1.4 million from the project’s pools.
On July 27, 2023, the DefiLabs team posted a letter stating that the platform was undergoing maintenance, resulting in them temporarily blocking staking. The claim is that user funds would be safe and available during the emergency upgrade.
The DefiLabs rug pull took advantage of backdoor functions in the smart contract code and a privileged address. This backdoor was designed to only allow the project team to withdraw funds, which is good for security but also made it possible to carry out a backdoor attack. A more decentralized approach to managing privileged functions — such as a multi-signature wallet or decentralized governance scheme — could have prevented this attack.