$75 000 000 USD

JUNE 2021

SWITZERLAND

STAKEHOUND

DESCRIPTION OF EVENTS

"StakeHound [is] a firm that enables staking." "StakeHound allow[s] you to stake and wrap your tokens into stETH without a minimum required amount and lock-up period." "StakeHound claims that it has developed “stake-backed” tokens so that digital currency traders can enjoy “the best of both worlds: liquidity and yield.”" "stETH is a wrapped token with a 1:1 representation of the user’s underlying ETH. After a user onboards their ETH, StakeHound stakes those ETH for the users and redistributes the rewards to stETH." "stETH is a wrapped token offered by StakeHound that allows users to wrap their assets as a 1:1 peg with the underlying asset. This permits users to participate in DeFi while still receiving staking rewards."

 

"Here’s how StakeHound works: users send their chosen Proof of Stake tokens, such as RADIX, XZC, XTZ, ATOM, ALGO, ADA or DOT, to one of StakeHound’s institutional-grade custodian partners. StakeHound then instantly generates and sends the user a one-to-one representation of their original token on their chosen DeFi ledger (Ethereum now, Radix once launched next year)."

 

"Access DeFi with liquid staked tokens. Earn staking rewards without lock-ups." "All assets are stored under institutional grade custody solutions, insured and can be audited in real-time on ledger."

 

"Step 1: Send StakeHound unstaked tokens from your favorite PoS crypto holdings. Step 2: Receive staked ERC20 tokens from StakeHound. Watch your balance receive staking rewards. Step 3: Trade, leverage and lend your staked tokens in the Ethereum DeFi ecosystem instantly."

 

“Staking is a critical part of network security, but it currently creates illiquid positions,” said Albert Castellana, CEO of StakeHound. “On some networks, there are also large minimum stake requirements, putting it out of reach for many small holders. StakeHound removes both of these problems for the user, allowing anyone to support the security of the networks they care about, while giving them liquid access to the best DeFi products the market can offer. It allows even the smallest token holder to earn staking rewards.”

 

"As noted in the announcement, all major proof-of-stake virtual currencies [are] supported, so that their holders can earn staking rewards while being able to access “instant” liquidity."

 

"On the 2nd of May 2021, [StakeHound was] informed by one of [their] custody providers, Fireblocks, that 38,178 of [their] staked Ethereum may have been rendered inaccessible because of a failure by Fireblocks to secure the cryptographic keys as they were required to do."

 

"In short, a series of errors by Fireblocks caused the loss of 2 keys that are part of the 3-of-4 threshold signature for the shards that form the withdrawal key. Fireblocks (1) did not generate their private keys in a production environment, (2) did not include the private keys required to decrypt their 2 key shares in the backup, and (3) lost both keys."

 

"Effective 23:00 CET 10/05/2021 we have temporarily paused all token transfers for stETH, which will result in users being unable to trade stETH or provide/remove liquidity for stETH pools. We will provide further updates in the coming days."

 

StakeHound "is suing custody service Fireblocks for allegedly contributing to the loss of private keys that accessed [the] ~$75M worth of crypto." "StakeHound has filed [the] lawsuit against Israeli company Fireblocks, claiming that it lost NIS 245.5 million (approximately $75 million) worth of cryptocurrencies it was entrusted with. StakeHound claims that Fireblocks, a developer of secure cross-enterprise asset transfer infrastructure, was negligent and as a result the funds have been lost and can not be recovered. The lawsuit was filed today at the Tel Aviv District Court by attorneys Eli Cohen, Alex Feldsher, and Nuna Lerner of Gornitzky & Co law firm."

 

According to the lawsuit, negligence by a Fireblocks employee led to the crypto assets being lost without any backup being available. "This is a human error committed by an employee of the defendants, who worked in an unsuitable work environment, did not protect or back up the defendant’s private keys needed to open the relevant digital wallet, and for no apparent reason, the keys were deleted, preventing the plaintiff’s digital assets from being accessed.”

 

Fireblocks has denied any wrongdoing, claiming that: "The keys were generated by the client and stored outside the Fireblocks platform," and that "the customer did not store the backup with a third-party service provider per our guidelines."

 

"Coincover, the company trusted with backing up the private keys, received the keys, but could not check if they could open the digital wallet due to a confidentiality agreement. In order to recover the keys through the backup made by Coincover, a copy of it must be kept at Fireblocks, so that at the time of recovery, it can be verified."

 

"Regrettably, because of the severity of the recent events, we have decided to discontinue our liquid staking activities, i.e. the purchase of native tokens in exchange for staked tokens, with immediate effect. This will allow us to devote our full attention to the recovery of the loss."

 

"We will also discontinue the distribution of staking rewards, except for stETH, starting on the 2nd of August 2021. You might want to approach us to sell your stTokens in exchange for native tokens, to which we might agree subject to availability and in accordance with our terms and conditions."

 

"Please, note that all staked ETH are locked in the ETH2.0 staking contract for the time being and the possibility to sell stTokens does not apply to stETH. An upcoming update to the protocol by the Ethereum development team will allow the unstaking of the ETH, at which point you may approach us to sell your stETH in exchange for ETH to which we might agree subject to availability at our sole and full discretion. The possibility to exchange stETH for ETH will be reviewed upon the outcome of the unlock process as well as the legal proceedings."

StakeHound gave all their money to FireBlock, and FireBlock lost the private key.

 

FireBlock is saying that StakeHound should have kept a backup of the private key.

 

In any case, $75m of user funds appears to have been permanently lost.

HOW COULD THIS HAVE BEEN PREVENTED?

The better arrangement for securing these funds would have been a multi-signature wallet held by multiple trusted and trained individuals, which would have had redundancy and personal accountability. In such a setup, each key holder can keep backups in multiple locations, providing even further protection against key loss.

 

Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.