Wintemute Hack: Vanity Affair

Wintermute has since confirmed it has sufficient reserves to continue operations; their CeFi holdings and their OTC operations were not affected. But it is no doubt damaging, particularly to a player with seemingly solid internal controls. Immediate Aftermath**And that is exactly what the hacker did. You can see the transfer here. They are now earning between 0.3 - 0.7% APY on the stolen goods. Quite a staggering move! **Another interesting aspect is Wintermute’s use of vanity addresses, which they reportedly generated via the Profanity service. Vanity addresses allow you to prefix characters in your wallet address. Sometimes, they are used for marketing; other times its just for fun. For example, this Bitcoin address is a palindrome:This one was probably made by someone called Leonhard:In the Ethereum world, vanity addresses can be used to save on gas (transaction) fees. On blockchains, incremental gains in efficiency can lead to big cost reductions. Its a relatively obscure technique but using an address with more zero bytes (i.e. more zeros, which lowers so-called hamming weight) allows users to save on types of transactions. * 0x0000006daea1723962647b7e189d311d757Fb793 * 0x000002Cba8DfB0a86A47a415592835E17fac080a _**There is still wide speculation about these series of events, and the exact details remain unclear. But the Profanity bug has been talked about by Wintermute’s CEO on Twitter. Whatever the precise series of events, the issue highlights the extent to which users are required to go in order to protect their funds.Get in touch to find out more about our crypto AML Leaderboards and Profiles.