Back in December we reported on the hack of a decentralised cryptocurrency exchange based on the Ethereum blockchain, EtherDelta, in which hundred of ether tokens were stolen.
There are few more twists to this strange tale.
EtherDelta is a decentralised exchange, or DEX, powered by a smart contract on the Ethereum blockchain. It offers users the chance to trade cryptocurrency without the need to register an email or password – in fact, people do not need to sign up at all.
Any token can be traded on the EtherDelta as long as it conforms to the ERC20 template. EtherDelta is the first place that coins that have just finished ICO-ing on the Ethereum blockchain will be listed, and more than 200 coins are listed there. Because on a decentralised exchange traders trade directly between themselves, there is no third party and no single point of failure. For these reasons they are considered safer in terms of security.
But life finds a way. A hacker took over the exchange’s DNS server in December and launched a a convincing replica of the official website. Ethereum warned users to take note that the imposter website lacked a chat button on the navigation bar and a Twitter icon, but for over 6 hours funds moved into the hacker’s address, and on the following day the attacker moved the money away. EtherDelta said that “at least 308 ETH plus a large number of tokens potentially worth hundreds of thousands of dollars” were stolen. At the time, it had a trading volume of $11 million a day, according to Techcrunch.
This sounds like just another hack story up until this point. It should be noted that the exchange wasn’t expected to take action in the same way that a centralised exchange would be – because users are responsible for their own funds, all a decentralised exchange has to do is warn them to be careful, as the EtherDelta website indeed does.
Things get strange
A week after the hack, thefts were still being reported from users that were using browser plugins which they were told were safe (Metamask and Myetherwallet).
If you have funds on @Etherdelta I would move them off now! I just had a large amount stolen from my account a few hours ago. Do not use the same accounts you have used before the hack, even with metamask (which I thought I was safe beause that’s was using).
— Tommy World Power (@TommyWorldPower) December 26, 2017
The exchange is also no longer listed on coinmarketcap.com, which is the go-to index for cryptocurrencies and exchanges.
Now, EtherDelta’s Twitter profile shows 7 posts in total, a silence all the more deafening when we consider that just after the hack, it executed a successful ICO.
According to its website, EtherDelta ran an ICO from the 31st of Dec to the 14th of January, from which it made 158,827 ETH, or approximately 69 million USD (based on 90 percent of 1,350 million EDT tokens sold, at 0.00011765 ETH each, one ETH being worth about 487 USD according to coinmarketcap.com). The website also states that it is banned in the US and China.
Now, according to its Twitter page, EtherDelta went back online on the 1st of March. However, people posting underneath that announcement don’t seem to agree.
In fact, every post on its Twitter feed is followed by unsatisfied responses from customers showing varying degrees of anger. They say that they have not received tokens that they paid for, that they cannot transfer money, they ask for inactive tokens to be removed from the platform, and many simply request that admin get in touch with them. The words ‘scam’ and ‘fraud’ seem to pop up repeatedly.
Today, the EtherDelta Telegram group received this message:
“Winter has finally came [sic] to its end and Spring is on the way. During these days, the ED team is working hard to bring more energy and potential into the project. For the benefit of our investors, we are trying our best to upgrade and optimize the platform. We believe, the future will be much brighter.
Recently, many investors are inquring [sic] us if we listed EDT on any other exchange for trading. We would like to make the announcement here: As EDT is based on [a] smart contract, technically, any exchange could list EDT tokens for trading.
However, there is no offcial [sic] authorization from [the] ED team to any other exchanges to list the token. The team would kingly [sic] remind everyone that please be careful and keep your tokens safe. All information should [be] based on offcial [sic] annoucement [sic] from the team.”
So, the EtherDelta team sold billions of tokens, but advises people not to use them, as the online community screams fraud.
ForkDelta, enter stage right
As of late February, a clone of the exchange called ForkDelta has been listen on coinmarketcap.com. ForkDelta is a relatively tiny exchange with a listed volume of $865,121. On the other hand, is has a very active Twitter page and a transparent website. Its reason for being is that “EtherDelta was sold to new owners who introduced questionable development decisions.”
On its website, it says that it “interfaces with EtherDelta’s original smart contract which allows ForkDelta users to trade utilizing EtherDelta’s volume. However, this means that the trading fees still go to EtherDelta and ForkDelta development costs come entirely out of our pockets.”
It then goes on to ask for donations.