Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/berallypricecrashdeployerprivatekeyleakage.php}} {{Unattributed Sources}} Berally Logo/Homepage == About..."

2025-05-09T23:10:16Z

Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/berallypricecrashdeployerprivatekeyleakage.php}} {{Unattributed Sources}} thumb|Berally Logo/Homepage<ref name="berallyiotwitter-19498" /><ref name="berallyiotwitter-19499" /><ref name="berallyiotwitter-19500" /><ref name="berallyiotwitter-19501" /><ref name="berallyiotwitter-19502" /><ref name="berallyiotwitter-19503" /><ref name="berallydocs-19504" /> == About..."

New page

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/berallypricecrashdeployerprivatekeyleakage.php}}
{{Unattributed Sources}}

[[File:Berallyio.jpg|thumb|Berally Logo/Homepage]]<ref name="berallyiotwitter-19498" /><ref name="berallyiotwitter-19499" /><ref name="berallyiotwitter-19500" /><ref name="berallyiotwitter-19501" /><ref name="berallyiotwitter-19502" /><ref name="berallyiotwitter-19503" /><ref name="berallydocs-19504" />

== About Berally ==
Berally is a next-generation SocialFi and AI-driven asset management platform built on Berachain, designed to empower both retail and professional traders. It offers innovative tools like Berally Pass for building on-chain reputations, Berally Pot for creating crowd-funded trading vaults, and AI Agents via Cybera to automate and optimize trading strategies. Users can earn passive income through staking, participating in vaults, or owning and deploying AI agents that generate yield through Berachain’s Proof of Liquidity. With a strong roadmap through 2025—including mobile apps, full AI automation, and major DeFi integrations—Berally aims to simplify and decentralize financial growth for everyone.

Berally blends social features like gated communities and crowd-funded vaults with advanced automation through Cybera’s AI agents. These agents can scout alpha, make trades, and manage strategies autonomously. Inspired by platforms like FriendTech and Hyperliquid, Berally aims to centralize the power of social trading, AI, and DeFi into one seamless ecosystem, positioning itself as the future of automated on-chain asset management.

== The Reality ==
This sections is included if a case involved deception or information that was unknown at the time. Examples include:

* When the service was actually started (if different than the "official story").
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.

== What Happened ==
"Berally, a platform for social trading using AI agents within the Berachain ecosystem, is suspected to have been hacked."
{| class="wikitable"
|+Key Event Timeline - Berally Price Crash Deployer Private Key Leakage
!Date
!Event
!Description
|-
|March 14th, 2025 5:41:00 PM MDT
|Unauthorized Access Utilized
|An attacker compromised Berally’s deployer wallet, enabling them to revoke all token vesting contracts and sell 4.45 billion $BRLY tokens, triggering a 98% price crash. They also drained around 14,479 $BERA from the $BRLY/$BERA liquidity pool on Kodiak Liquidity V2. The stolen funds were then transferred to external wallets, bridged to Arbitrum, and laundered through mixers to obscure their trail.
|-
|March 14th, 2025 8:14:00 PM MDT
|Berally Posts Announcement
|Berally announces that it has suffered a security breach due to a leak involving its deployer key, leading to the dumping of all vesting tokens and a complete drain of the liquidity pool. While the dApp contracts remain secure and unaffected, users are advised to revoke access to both the dApp and Staking features as a precaution. The team is actively investigating the incident and will share further updates as they become available.
|-
|March 16th, 2025 5:25:00 AM MDT
|Recovery and Compensation Plan
|Berally posts a recovery and compensation plan following the March 2025 liquidity pool exploit, announcing the launch of a new $BRLY token on Berachain within 7–10 days and full restoration of the liquidity pool using treasury funds. Token holders and stakers will receive 120% of their pre-hack balances—100% airdropped and 20% as annual staking rewards—while LPs will get 100% of new pool tokens plus the right to withdraw 15% from the old pool, totaling 115% compensation. Berally has implemented strict new security measures, including multi-sig, hardware wallets, and offline key storage, and assures users that the dApp remains secure and operational.
|}

== Technical Details ==
"The exact method by which the deployer’s private key was compromised is currently unknown. Our security team, working alongside external forensic experts, is conducting a thorough investigation to identify the source of the breach. We know the key was stored locally and, despite safeguards, was accessed by the attacker, allowing them to bypass contract security measures and execute privileged actions. One possibility under consideration is a social engineering attack targeting our DevOps team, but we lack definitive evidence at this stage and are still examining all leads.
This incident highlights a critical failure in our key management practices, and we take full responsibility for it. We are committed to determining the precise cause and will share a comprehensive update once our investigation provides clear answers."

== Total Amount Lost ==
"The majority of the liquidity pool was emptied, with funds quickly moved to mixers, making recovery efforts challenging.
The Berally dApp and related smart contracts remain secure and unaffected, as verified by initial audits and internal reviews. This exploit targeted key management, not flaws in our protocol.
User wallets, managed securely through Dynamic, were not compromised."

The total amount lost has been estimated at $87,000 USD.

== Immediate Reactions ==
"The official statement reads: “Partial information of the deployer's key was leaked, leading to the sell-off of all vesting tokens and withdrawal of funds from the liquidity pool. The dApp contract remains secure and unaffected by the hack, but please temporarily revoke access to the dApp and Staking. An investigation is underway, and an update will be provided as soon as possible.”"

"Upon discovering the breach, we took the following steps without delay:
Revoked the compromised key and transferred ownership to new multi-signature secured keys at 04:00 UTC on March 15.
Contacted partners across our network for assistance, including Berachain ecosystem collaborators, cybersecurity firms, centralized exchanges, and mixer operators, to aid in tracking and containment efforts.
Suspended all staking, airdrop, and rewards functions until a complete security review is finalized."

== Ultimate Outcome ==
"This exploit was limited to the wallet that deployed the $BRLY token. All contracts tied to the Berally dApp remain secure, having been audited twice previously. We’ve also consulted additional experts to confirm the safety of the dApp, and no issues have been identified, as its contracts operate in a permissionless manner.
Currently, we are developing a detailed recovery and compensation plan, with our highest priority being to mitigate the damage to token holders and support our community. Our strategy involves deploying a new token, backed by the same liquidity amount drawn from our treasury, and distributing it via an airdrop to holders affected by the hack."

== Total Amount Recovered ==
There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

== Ongoing Developments ==
What parts of this case are still remaining to be concluded?
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="berallyiotwitter-19498">[https://twitter.com/Berally_io/status/1919427915743429095 @Berally_io Twitter] (Accessed May 8, 2025)</ref>

<ref name="berallyiotwitter-19499">[https://twitter.com/Berally_io/status/1902752430523338900 @Berally_io Twitter] (Accessed May 8, 2025)</ref>

<ref name="berallyiotwitter-19500">[https://twitter.com/Berally_io/status/1901634409381720473 @Berally_io Twitter] (Accessed May 8, 2025)</ref>

<ref name="berallyiotwitter-19501">[https://twitter.com/Berally_io/status/1901233389753323594 @Berally_io Twitter] (Accessed May 8, 2025)</ref>

<ref name="berallyiotwitter-19502">[https://twitter.com/Berally_io/status/1900855059069759571 @Berally_io Twitter] (Accessed May 8, 2025)</ref>

<ref name="berallyiotwitter-19503">[https://twitter.com/Berally_io/status/1900732333562744870 @Berally_io Twitter] (Accessed May 8, 2025)</ref>

<ref name="berallydocs-19504">[https://docs.berally.io/ Berally] (Accessed May 8, 2025)</ref></references>

Berally Price Crash Deployer Private Key Leakage - Revision history

Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/berallypricecrashdeployerprivatekeyleakage.php}} {{Unattributed Sources}} Berally Logo/Homepage == About..."