Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/caspernetworkurefbypasswalletdraining.php}} {{Unattributed Sources}} Casper Network Logo/HomepageCasper Network is a proof of stake network with finality and limited numbers of validators. Late on July 25th, a vulnerability started to be exploited which allowed a total of 13 wallets to be drained. The team behind Casper Network was ultimately able to blo..."

2024-10-25T19:56:31Z

Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/caspernetworkurefbypasswalletdraining.php}} {{Unattributed Sources}} thumb|Casper Network Logo/HomepageCasper Network is a proof of stake network with finality and limited numbers of validators. Late on July 25th, a vulnerability started to be exploited which allowed a total of 13 wallets to be drained. The team behind Casper Network was ultimately able to blo..."

New page

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/caspernetworkurefbypasswalletdraining.php}}
{{Unattributed Sources}}

[[File:Caspernetwork.jpg|thumb|Casper Network Logo/Homepage]]Casper Network is a proof of stake network with finality and limited numbers of validators. Late on July 25th, a vulnerability started to be exploited which allowed a total of 13 wallets to be drained. The team behind Casper Network was ultimately able to block finality on their network and perform an upgrade to resolve the original issue. However, it is unclear what is being done to compensate users who were affected by the exploit.<ref name="slowmisthackedarchive-14855" /><ref name="caspernetwork-14963" /><ref name="caspernetwork-14964" /><ref name="caspernetwork-14965" /><ref name="caspernetworkdocs-14966" /><ref name="caspernetworktwitter-14967" /><ref name="caspernetworktwitter-14968" /><ref name="caspernetworktwitter-14969" /><ref name="caspernetworktwitter-14970" /><ref name="caspernetworktwitter-14971" /><ref name="caspernetworktwitter-14972" /><ref name="caspernetworktwitter-14973" /><ref name="caspernetworktwitter-14974" /><ref name="youtube-14975" /><ref name="cointelegraph-14976" /><ref name="coinpedia-14977" /><ref name="happycoin-14978" />

== About Casper Network ==
"Instant Finality public blockchain Casper offers instant finality, while keeping transaction costs low, and being easy to build on."

"Casper is a new Turing-complete smart-contracting platform, backed by a Proof-of-Stake (PoS) consensus algorithm and WebAssembly (Wasm). The network is a permissionless, decentralized, public blockchain."

"The Casper Network was built based on the energy-efficient, proof-of-stake CBC Casper specifications, providing the scale, industry-leading security, and predictable cost-effective gas model to deliver the new standard for AI Governance.

Casper Labs has been chosen by IBM for a groundbreaking solution aimed at enhancing the transparency and auditability of AI systems. The solution combines IBM’s watsonx.ai and leverages the Casper Network for managing, monitoring, and sharing AI data.

Casper is the ideal platform for managing AI data. It provides certified, tamper-proof, transparent, secure, and auditable data, building trust in generative AI."

== The Reality ==
This sections is included if a case involved deception or information that was unknown at the time. Examples include:

* When the service was actually started (if different than the "official story").
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.

== What Happened ==
"On July 26, 2024, Casper Network was attacked."
{| class="wikitable"
|+Key Event Timeline - Casper Network Uref Bypass Wallet Draining
!Date
!Event
!Description
|-
|July 25th, 2024 11:00:00 PM MDT
|Team Aware Of Vulnerability
|The time at which the Casper Network team reportedly became aware of the vulnerability issue on the Casper Network. TBD - When actual vulnerability happened.
|-
|July 26th, 2024 4:54:00 AM MDT
|Security Video Posted
|A video is posted which features Matthew Doty, a Research Fellow at the Casper Association, discussing 'Building Secure Blockchain Solutions at Casper'.
|-
|July 26th, 2024 7:00:00 AM MDT
|Root Cause Determined
|The Casper Network identifies the root cause of the exploit on their network.
|-
|July 27th, 2024 1:50:00 AM MDT
|Casper Network Concensus Halt
|The Casper Network consensus mechanism is halted to prevent potential damage to additional accounts.
|-
|July 27th, 2024 4:31:00 AM MDT
|Casper Network Announcement
|The Casper Network tweets to announce that they have
|-
|July 27th, 2024 11:33:00 AM MDT
|Minor Situation Update
|The Casper Network tweets to notify their community that they continue to work on a resolution of the issue.
|-
|July 28th, 2024 8:28:00 AM MDT
|Minor Situation Update
|The Casper Network again tweets to notify their community that they continue to work on a resolution of the issue.
|-
|July 28th, 2024 11:30:00 AM MDT
|Situation Limited To Wallets
|"At this point, on 28 July 2024 at 17:30 UTC, the Casper Association is confident that the extent of the security breach is limited to under 15 accounts. All unauthorized transfers have been traced by Casper and related parties. "
|-
|July 29th, 2024 3:18:00 AM MDT
|Security Breach Tweet Posted
|"On July 26, 2024, a security breach on the Casper blockchain was detected. Casper Team/Community performed immediate actions including halting consensus and developing a patch."
|-
|July 29th, 2024 4:39:00 PM MDT
|Significant Progress Report
|The Casper Network team reports that they have been working diligently and making significant progress on resolving the exploit.
|-
|July 30th, 2024 3:18:00 AM MDT
|Event Rescheduled
|A tweet notes that a developer event has been rescheduled, likely due to the exploit.
|-
|July 30th, 2024 11:12:00 AM MDT
|Casper Network Update
|Casper Network provides an update
|-
|July 30th, 2024 4:10:00 PM MDT
|Casper Network Update
|"Casper Validators are meeting on Wednesday 31 July 2024 at 1400 UTC. In that meeting details of the upgrade will be provided. Once the validators accept the upgrade, they will then immediately resume consensus and minting of blocks"
|}

== Technical Details ==
"Casper Network discovered that malicious actors exploited a vulnerability that allowed a contract installer to bypass access rights checks on urefs, enabling them to grant the contract access to uref-based resources. This privilege escalation facilitated unauthorized access, including the ability to transfer tokens."

== Total Amount Lost ==
"According to the preliminary report released by Casper Network on July 31, 13 wallets were affected in this incident. The total amount of illicit transactions is estimated to be around $6.7 million."

The total amount lost has been estimated at $6,700,000 USD.

== Immediate Reactions ==
"Following the attack, Casper Network tweeted that they had worked with validators to pause the network in order to minimize the impact of the security vulnerability until it could be patched."

"Following the analysis on Friday 26 July 2024, the Casper team and partners involved started to develop a patch for the problem. It was established at that time that a limited number of accounts had been targeted to obtain CSPR without proper authorization from the owners of those accounts."

== Ultimate Outcome ==
"In the early morning hours (CET) on Saturday 27 July 2024 it became clear that tracing and recovering those misappropriated funds may become difficult without immediately preventing further dispersion.

A subset of validators joined in coordination to halt the consensus and block production to enable a patch to be thoroughly tested before staging an update to the Casper blockchain. Consensus was halted on 27 July 2024 at 07:50 UTC."

== Total Amount Recovered ==
There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

== Ongoing Developments ==
"The Casper Association and parties affected by this incident will conduct a thorough investigation, including working with proper authorities to recover any funds which may have been transferred without proper authorization."
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="slowmisthackedarchive-14855">[https://web.archive.org/web/20240808214412/https://hacked.slowmist.io/ SlowMist Hacked - SlowMist Zone] (Accessed Aug 8, 2024)</ref>

<ref name="caspernetwork-14963">[https://casper.network/en-us/news/casper-blockchain-security-update-preliminary-incident-report Casper Network] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetwork-14964">[https://casper.network/en-us/news/casper-blockchain-security-update-incident-contained-and-recovery-efforts-underway Casper Network] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetwork-14965">[https://casper.network/en-us/ Casper Network] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworkdocs-14966">[https://docs.casper.network/ What is Casper? | Casper] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14967">[https://twitter.com/Casper_Network/status/1818408819971481796 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14968">[https://twitter.com/Casper_Network/status/1818333832556269663 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14969">[https://twitter.com/Casper_Network/status/1817852127487689114 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14970">[https://twitter.com/Casper_Network/status/1818053646334181880 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14971">[https://twitter.com/Casper_Network/status/1818214503382663288 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14972">[https://twitter.com/Casper_Network/status/1817567910275014748 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14973">[https://twitter.com/Casper_Network/status/1817252082560258372 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="caspernetworktwitter-14974">[https://twitter.com/Casper_Network/status/1816789158456623454 @Casper_Network Twitter] (Accessed Aug 16, 2024)</ref>

<ref name="youtube-14975">[https://www.youtube.com/watch?v=hJwveewPv3w - YouTube] (Accessed Aug 16, 2024)</ref>

<ref name="cointelegraph-14976">[https://cointelegraph.com/news/casper-network-halts-operations-security-breach https://cointelegraph.com/news/casper-network-halts-operations-security-breach] (Accessed Aug 16, 2024)</ref>

<ref name="coinpedia-14977">[https://coinpedia.org/news/alert-casper-network-became-victim-to-a-crypto-hack/ Alert : Casper Network Became Victim to a Crypto Hack!] (Accessed Aug 16, 2024)</ref>

<ref name="happycoin-14978">[https://happycoin.club/en/kriptovalyuta-casper-podeshevela-na-14-posle-ataki-na-blokchejn/ Due to blockchain hacking, the Casper cryptocurrency rate collapsed by 14%] (Accessed Aug 16, 2024)</ref></references>

Casper Network Uref Bypass Wallet Draining - Revision history