Zodiac DAO Rug Pull: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
No edit summary
(Another 30 minutes complete. Additional sources merged in. Prevention completed.)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/zodiacdaorugpull.php}}
{{Case Study Under Construction}}[[File:Zodiacdao.jpg|thumb|Zodiac DAO]]The ZodiacDAO was a collateralized reserve currency. The liquidity, website, Twitter, Medium, and Telegram have disappeared. There is limited information on how much was lost and no apparent recovery plan.
{{Unattributed Sources}}


[[File:Zodiacdao.jpg|thumb|Zodiac DAO]]The ZodiacDAO was a collateralized reserve currency. The liquidity, website, Twitter, Medium, and Telegram have disappeared. There is limited informatino on how much was lost and no apparent recovery plan.
== About Zodiac DAO ==
<ref name="dappradar-5291" /><ref name="newsfilecorp-5292" /><ref name="yahoomovies-5296" />


This is a global/international case not involving a specific country.
<ref name="certik-5262" /><ref name="coinmarketcap-5288" /><ref name="thepost-5289" /><ref name="zodiacdaofinancearchive-5290" /><ref name="dappradar-5291" /><ref name="newsfilecorp-5292" /><ref name="youtube-5293" /><ref name="zodiacdaomediumarchive-5294" /><ref name="certikorgtwitter-5295" /><ref name="yahoomovies-5296" />


== About Zodiac DAO ==
Github: <ref>[https://github.com/zodiacdao Zodiac DAO Github] (Aug 28, 2023)</ref>
"Zodiac is a belt of the heavens within about 8° either side of the ecliptic, including all apparent positions of the sun, moon, and most familiar planets. It is divided into twelve equal divisions or signs which each carry its deep meanings."


"ZodiacDAO is a DeFi 2.0+ decentralized reverse currency protocol based on the $ZD token. We use the POL (Protocol Owned Liquidity) to make sure that $ZD is back into ZodiacDAO treasury stable and sufficiently."
ZodiacDAO promised an advanced OlympusDAO fork including features like Rebased, NFT, GameFi, and Web3<ref name="thepost-5289" />. Based on the $ZD token and backed by the Zodiac DAO, Zodiac promised a decentralized protocol aiming to bring innovation to DeFi 2.0<ref name="thepost-5289" />. It aimed to address issues faced by other DAOs and OlympusDAO<ref name="thepost-5289" />. The project claimed to avoid the "Pump and Dump" problem by fully adding pre-sold tokens to a Liquidity Pool (LP) and vesting them for whitelisters<ref name="thepost-5289" />. The protocol involves profit distribution through staking ZD tokens, and bonding offers leverage for more ZD tokens<ref name="thepost-5289" />. It promised NFT rewards and anti-inflation mechanisms to maintain the ZD token value<ref name="thepost-5289" />.


"Singapore, Singapore–(Newsfile Corp. – January 2, 2022) – ZodiacDAO Launches an advanced OlympusDAO fork containing Rebased, NFT, GameFi and Web3. Zodiac is a decentralized protocol based on the $ZD token – collateralized and backed by the Zodiac DAO. ZD will be the reserve currency on the BSC network. In order to maintain price stability, Zodiac will use the Algorithmic Reserve Currency algorithm and will also be supported by the POL (Protocol Owned Liquidity) for the most sufficiency. Zodiac will be community owned; $ZD holders decide on Zodiac’s future via on-chain voting and HODL-ing activities."


"Their GameFi is currently under development and anti-inflation will be applied as well, so people can play, earn, and rest assured about the stable price of ZD along with their great marketing strategy."
ZodiacDAO has launched an advanced OlympusDAO fork with features such as Rebased, NFT, GameFi, and Web3. It operates as a decentralized protocol based on the $ZD token, collateralized and supported by the Zodiac DAO, serving as the reserve currency on the Binance Smart Chain (BSC) network. Zodiac employs the Algorithmic Reserve Currency algorithm for price stability and utilizes Protocol Owned Liquidity (POL)<ref name=":0">[https://web.archive.org/web/20220102102603/https://ca.style.yahoo.com/introducing-zodiacdao-advanced-olympusdao-fork-100300177.html Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, NFT, Gamefi and Web3 - Yahoo Life] (Aug 28, 2023)</ref>. Community ownership is emphasized, enabling $ZD holders to make decisions through on-chain voting and holding activities. ZodiacDAO addresses issues faced by other DAOs and aims to bring innovation to DeFi 2.0. Pre-sold tokens are locked in a Liquidity Pool to prevent Pump & Dump scenarios<ref name=":0">[https://web.archive.org/web/20220102102603/https://ca.style.yahoo.com/introducing-zodiacdao-advanced-olympusdao-fork-100300177.html Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, NFT, Gamefi and Web3 - Yahoo Life] (Aug 28, 2023)</ref>. The protocol involves Staking and Bonding strategies, and it integrates NFT and GameFi components with anti-inflation mechanisms for price stability and value growth<ref name=":0">[https://web.archive.org/web/20220102102603/https://ca.style.yahoo.com/introducing-zodiacdao-advanced-olympusdao-fork-100300177.html Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, NFT, Gamefi and Web3 - Yahoo Life] (Aug 28, 2023)</ref>.


"We’ve received inbounds that may indicate high risks regarding to a project named Zodiac DAO. The twitter account is gone and we wish the community DYOR enough before interacting with the dApp."
According to CoinMarketCap, "ZodiacDAO is a DeFi 2.0+ decentralized reverse currency protocol based on the $ZD token. We use the POL (Protocol Owned Liquidity) to make sure that $ZD is back into ZodiacDAO treasury stable and sufficiently."<ref name="coinmarketcap-5288" />


"#zodiacdao has been identified as a #rugpull. Their twitter account @zodiacdao_bep20 has been deactivated. The team is currently looking into it. DO NOT interact with this project!"
"Singapore, Singapore–(Newsfile Corp. – January 2, 2022) – ZodiacDAO Launches an advanced OlympusDAO fork containing Rebased, NFT, GameFi and Web3. Zodiac is a decentralized protocol based on the $ZD token – collateralized and backed by the Zodiac DAO. ZD will be the reserve currency on the BSC network. In order to maintain price stability, Zodiac will use the Algorithmic Reserve Currency algorithm and will also be supported by the POL (Protocol Owned Liquidity) for the most sufficiency. Zodiac will be community owned; $ZD holders decide on Zodiac’s future via on-chain voting and HODL-ing activities."


This is a global/international case not involving a specific country.
"Their GameFi is currently under development and anti-inflation will be applied as well, so people can play, earn, and rest assured about the stable price of ZD along with their great marketing strategy."


The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
Twitter: <ref>[https://web.archive.org/web/20211224233656/https://twitter.com/zodiacdao_bep20 ZodiacDao Twitter Archive December 24th, 2021 4:36:56 PM MST] (Aug 30, 2023)</ref>


Include:
Medium: <ref name="zodiacdaomediumarchive-5294" />


* Known history of when and how the service was started.
Website: <ref name="zodiacdaofinancearchive-5290" />
* What problems does the company or service claim to solve?
* What marketing materials were used by the firm or business?
* Audits performed, and excerpts that may have been included.
* Business registration documents shown (fake or legitimate).
* How were people recruited to participate?
* Public warnings and announcements prior to the event.


Don't Include:
== The Reality ==
* Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
* Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.


== The Reality ==
This sections is included if a case involved deception or information that was unknown at the time. Examples include:


* When the service was actually started (if different than the "official story").
The GameFi and anti-inflation features were still reportedly under development at the time of the launch<ref name="thepost-5289" />.
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.


== What Happened ==
== What Happened ==
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
TBD
{| class="wikitable"
{| class="wikitable"
|+Key Event Timeline - Zodiac DAO Rug Pull
|+Key Event Timeline - Zodiac DAO Rug Pull
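Review bot: in the new paragraph under About Zodiac DAO that begins "ZodiacDAO has launched an advanced OlympusDAO fork", the reference named ":0" is written out in full three times; define it once and reuse it by name, ideally under a descriptive name like the other references. The same paragraph restates the one before it almost claim for claim, but in the present tense ("employs", "addresses issues"), so the project's own marketing reads as established fact; keep the "promised"/"claimed" framing of the preceding paragraph or merge the two.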
Line 55: Line 37:
!Description
!Description
|-
|-
|January 4th, 2022 12:00:00 AM
|December 23rd, 2021 11:04:00 PM MST
|Main Event
|Last Github Update
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
|The project completed their last Github update to the "Zodiac Supply Endpoint"<ref>[https://github.com/zodiacdao/zodiac-supply-endpoint- Zodiac Supply Endpoint - Zodiac DAO Github] (Aug 28, 2023)</ref>.
|-
|January 2nd, 2022 3:06:35 AM MST
|Zodiac DAO Press Release
|A press release is made by the Zodiac DAO project announcing their project launch and describing the protocol, which is picked up by the Hanover Post<ref name="thepost-5289" />. The post specifically mentions how the project's unique launch approach is designed to prevent pump and dump and maintain the value of the ZD token.
|-
|-
|
|
|
|
|
|
|-
|January 4th, 2022 12:41:00 PM MST
|CertiK Community Leaderboard
|The CertiK Community Leaderboard shares a tweet which reports that the Zodiac DAO project has rugpulled and their Twitter account is deactivated. They advise the community to not interact with this project and state they are looking into it further<ref name="certikorgtwitter-5295" />.
|-
|January 5th, 2022 1:45:01 AM MST
|Karma Finance Video
|YouTube channel Karma Finance reports on the rug pull and resulting price crash<ref name="youtube-5293" />. The price was reportedly trading well above the $10-$20 mark, but at the time of the video there was a 100% drop and the website is completely "banished". It references the "CertiK Security Leaderboard" post confirmation and reports that the community is closely monitoring the situation.
|}
|}
== Technical Details ==
TBD


== Total Amount Lost ==
== Total Amount Lost ==
The total amount lost is unknown.
The total amount lost is unknown. TBD
 
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?


== Immediate Reactions ==
== Immediate Reactions ==
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
<ref name="certik-5262" />
"We’ve received inbounds that may indicate high risks regarding to a project named Zodiac DAO. The twitter account is gone and we wish the community DYOR enough before interacting with the dApp."
=== CertiK Security Leaderboard Tweet ===
The CertiK Security Leaderboard shared a Tweet to warn the community<ref name="certikorgtwitter-5295" />.<blockquote>"#zodiacdao has been identified as a #rugpull. Their twitter account @zodiacdao_bep20 has been deactivated.
The team is currently looking into it.
DO NOT interact with this project!"</blockquote>
=== Karma Finance YouTube Video ===
YouTube channel Karma Finance reports on the rug pull and resulting price crash<ref name="youtube-5293" />. The price was reportedly trading well above the $10-$20 mark, but at the time of the video there was a 100% drop and the website is completely "banished". It references the "CertiK Security Leaderboard" post confirmation and reports that the community is closely monitoring the situation.


== Ultimate Outcome ==
== Ultimate Outcome ==
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
TBD


== Total Amount Recovered ==
== Total Amount Recovered ==
There do not appear to have been any funds recovered in this case.
There do not appear to have been any funds recovered in this case.


What funds were recovered? What funds were reimbursed for those affected users?
== Ongoing Developments ==
TBD
== Individual Prevention Policies ==
The Zodiac DAO project smart contract was not independently reviewed. Individuals should ensure that project funds are stored in a proper multi-signature wallet with keys held by reputable individuals.


== Ongoing Developments ==
{{Prevention:Individuals:Safe Smart Contract Usage}}
What parts of this case are still remaining to be concluded?
 
{{Prevention:Individuals:Question Unrealistic Profit}}
 
{{Prevention:Individuals:End}}
 
== Platform Prevention Policies ==
Members of the Zodiac DAO team could have ensured that funds were stored in a proper multi-signature wallet with reputable key-holders, which would have prevented the theft of the funds without the consent of the vast majority of key holders. For other wallets and exchanges, increased user education can help users avoid participating in risky projects.


== Prevention Policies ==
=== Zodiac DAO Platform ===
Which policies could have prevented this event from happening?
The Zodiac DAO team could have ensured that funds were stored in a proper multi-signature wallet with reputable key-holders. This would require multiple members of the team to approve any funds from being spent outside of the intended development path.


== References ==
{{Prevention:Platforms:Implement Multi-Signature}}
<references><ref name="certik-5262">[https://www.certik.com/ CertiK Blockchain Security Leaderboard] (Jan 4, 2022)</ref>


<ref name="coinmarketcap-5288">[https://coinmarketcap.com/currencies/zodiacdao/ https://coinmarketcap.com/currencies/zodiacdao/] (Jan 6, 2022)</ref>
=== Other Wallets And Exchanges ===
Increased user education can help users avoid participating in risky projects, and point users to the right tools to validate projects. An industry insurance fund can assist affected users.


<ref name="thepost-5289">[https://www.thepost.on.ca/newsfile/108894-introducing-zodiacdao-an-advanced-olympusdao-fork-contains-rebased-nft-gamefi-and-web3 Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, | Hanover Post] (Jan 6, 2022)</ref>
{{Prevention:Platforms:Cryptocurrency Safety Quiz}}


<ref name="zodiacdaofinancearchive-5290">[https://web.archive.org/web/20220102142710/https://zodiacdao.finance/ ZodiacDAO Finance] (Jan 6, 2022)</ref>
{{Prevention:Platforms:Establish Industry Insurance Fund}}


<ref name="dappradar-5291">[https://dappradar.com/binance-smart-chain/defi/zodiacdao ZodiacDAO | DappRadar] (Jan 6, 2022)</ref>
{{Prevention:Platforms:End}}


<ref name="newsfilecorp-5292">[https://www.newsfilecorp.com/release/108894/Introducing-ZodiacDAO-an-Advanced-OlympusDAO-Fork-Contains-Rebased-NFT-Gamefi-and-Web3 Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, NFT, Gamefi and Web3] (Jan 6, 2022)</ref>
== Regulatory Prevention Policies ==
The incident could have been prevented through a third party review of the project, which would have uncovered the insecure storage of funds outside of a multi-signature wallet and checked into the team. An industry insurance fund can facilitate proper reviews and assist in the event of loss.


<ref name="youtube-5293">[https://www.youtube.com/watch?v=Cv47uAmeUxw Zodiac DAO Rugpull -Big Crash, Website Twitter Closed- ZodiacDao Plummets after Listing ZD fall down - YouTube] (Jan 6, 2022)</ref>
{{Prevention:Regulators:Platform Security Assessments}}


<ref name="zodiacdaomediumarchive-5294">[https://web.archive.org/web/20211224233658/https://medium.com/@zodiacdao https://web.archive.org/web/20211224233658/https://medium.com/@zodiacdao] (Jan 6, 2022)</ref>
{{Prevention:Regulators:Establish Industry Insurance Fund}}


<ref name="certikorgtwitter-5295">[https://mobile.twitter.com/certikorg/status/1478451532685324295 https://mobile.twitter.com/certikorg/status/1478451532685324295] (Jan 6, 2022)</ref>
{{Prevention:Regulators:End}}


<ref name="yahoomovies-5296">[https://ca.movies.yahoo.com/introducing-zodiacdao-advanced-olympusdao-fork-100300177.html Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, NFT, Gamefi and Web3] (Jan 6, 2022)</ref></references>
== References ==
<references>
<ref name="certik-5262">[https://www.certik.com/ CertiK Blockchain Security Leaderboard] (Jan 4, 2022)</ref>
<ref name="coinmarketcap-5288">[https://web.archive.org/web/20220524003830/https://coinmarketcap.com/currencies/zodiacdao/ ZodiacDao - CoinMarketCap Archive May 23rd, 2022 6:38:30 PM MDT] (Jan 6, 2022)</ref>
<ref name="thepost-5289">[https://www.thepost.on.ca/newsfile/108894-introducing-zodiacdao-an-advanced-olympusdao-fork-contains-rebased-nft-gamefi-and-web3 Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, - Hanover Post] (Jan 6, 2022)</ref>
<ref name="zodiacdaofinancearchive-5290">[https://web.archive.org/web/20220102142710/https://zodiacdao.finance/ ZodiacDAO Finance Archive January 2nd, 2022 7:27:10 AM MST] (Jan 6, 2022)</ref>
<ref name="dappradar-5291">[https://dappradar.com/binance-smart-chain/defi/zodiacdao ZodiacDAO - DappRadar] (Jan 6, 2022)</ref>
<ref name="newsfilecorp-5292">[https://www.newsfilecorp.com/release/108894/Introducing-ZodiacDAO-an-Advanced-OlympusDAO-Fork-Contains-Rebased-NFT-Gamefi-and-Web3 Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, NFT, Gamefi and Web3] (Jan 6, 2022)</ref>
<ref name="youtube-5293">[https://www.youtube.com/watch?v=Cv47uAmeUxw Karma Finance News - Zodiac DAO Rugpull -Big Crash, Website Twitter Closed- ZodiacDao Plummets after Listing ZD fall down - YouTube] (Jan 6, 2022)</ref>
<ref name="zodiacdaomediumarchive-5294">[https://web.archive.org/web/20211224233658/https://medium.com/@zodiacdao ZodiacDao Medium Archive December 24th, 2021 4:36:58 PM MST] (Jan 6, 2022)</ref>
<ref name="certikorgtwitter-5295">[https://mobile.twitter.com/certikorg/status/1478451532685324295 CertiK Security Leaderboard - "#zodiacdao has been identified as a #rugpull. Their twitter account @zodiacdao_bep20 has been deactivated." - Twitter] (Jan 6, 2022)</ref>
<ref name="yahoomovies-5296">[https://ca.movies.yahoo.com/introducing-zodiacdao-advanced-olympusdao-fork-100300177.html Introducing ZodiacDAO, an Advanced OlympusDAO Fork Contains: Rebased, NFT, Gamefi and Web3] (Jan 6, 2022)</ref>
</references>
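Review bot: the timeline rows added here name the source "CertiK Community Leaderboard", while the new section heading and the reference title use "CertiK Security Leaderboard"; pick one name. The Karma Finance row repeats the Immediate Reactions paragraph word for word, the template prompt "How did the various parties involved ..." is still present in Immediate Reactions, and the new statement "The Zodiac DAO project smart contract was not independently reviewed" carries no reference while Technical Details is still TBD; cite a source for it or soften it.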

Latest revision as of 14:18, 30 August 2023

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Zodiac DAO

The ZodiacDAO was a collateralized reserve currency. The liquidity, website, Twitter, Medium, and Telegram have disappeared. There is limited information on how much was lost and no apparent recovery plan.

About Zodiac DAO

[1][2][3]


Github: [4]

ZodiacDAO promised an advanced OlympusDAO fork including features like Rebased, NFT, GameFi, and Web3[5]. Based on the $ZD token and backed by the Zodiac DAO, Zodiac promised a decentralized protocol aiming to bring innovation to DeFi 2.0[5]. It aimed to address issues faced by other DAOs and OlympusDAO[5]. The project claimed to avoid the "Pump and Dump" problem by fully adding pre-sold tokens to a Liquidity Pool (LP) and vesting them for whitelisters[5]. The protocol involves profit distribution through staking ZD tokens, and bonding offers leverage for more ZD tokens[5]. It promised NFT rewards and anti-inflation mechanisms to maintain the ZD token value[5].


ZodiacDAO has launched an advanced OlympusDAO fork with features such as Rebased, NFT, GameFi, and Web3. It operates as a decentralized protocol based on the $ZD token, collateralized and supported by the Zodiac DAO, serving as the reserve currency on the Binance Smart Chain (BSC) network. Zodiac employs the Algorithmic Reserve Currency algorithm for price stability and utilizes Protocol Owned Liquidity (POL)[6]. Community ownership is emphasized, enabling $ZD holders to make decisions through on-chain voting and holding activities. ZodiacDAO addresses issues faced by other DAOs and aims to bring innovation to DeFi 2.0. Pre-sold tokens are locked in a Liquidity Pool to prevent Pump & Dump scenarios[6]. The protocol involves Staking and Bonding strategies, and it integrates NFT and GameFi components with anti-inflation mechanisms for price stability and value growth[6].

According to CoinMarketCap, "ZodiacDAO is a DeFi 2.0+ decentralized reverse currency protocol based on the $ZD token. We use the POL (Protocol Owned Liquidity) to make sure that $ZD is back into ZodiacDAO treasury stable and sufficiently."[7]

"Singapore, Singapore–(Newsfile Corp. – January 2, 2022) – ZodiacDAO Launches an advanced OlympusDAO fork containing Rebased, NFT, GameFi and Web3. Zodiac is a decentralized protocol based on the $ZD token – collateralized and backed by the Zodiac DAO. ZD will be the reserve currency on the BSC network. In order to maintain price stability, Zodiac will use the Algorithmic Reserve Currency algorithm and will also be supported by the POL (Protocol Owned Liquidity) for the most sufficiency. Zodiac will be community owned; $ZD holders decide on Zodiac’s future via on-chain voting and HODL-ing activities."

"Their GameFi is currently under development and anti-inflation will be applied as well, so people can play, earn, and rest assured about the stable price of ZD along with their great marketing strategy."

Twitter: [8]

Medium: [9]

Website: [10]

The Reality

The GameFi and anti-inflation features were still reportedly under development at the time of the launch[5].

What Happened

TBD

Key Event Timeline - Zodiac DAO Rug Pull
Date | Event | Description
December 23rd, 2021 11:04:00 PM MST | Last Github Update | The project completed their last Github update to the "Zodiac Supply Endpoint"[11].
January 2nd, 2022 3:06:35 AM MST | Zodiac DAO Press Release | A press release is made by the Zodiac DAO project announcing their project launch and describing the protocol, which is picked up by the Hanover Post[5]. The post specifically mentions how the project's unique launch approach is designed to prevent pump and dump and maintain the value of the ZD token.
January 4th, 2022 12:41:00 PM MST | CertiK Community Leaderboard | The CertiK Community Leaderboard shares a tweet which reports that the Zodiac DAO project has rugpulled and their Twitter account is deactivated. They advise the community to not interact with this project and state they are looking into it further[12].
January 5th, 2022 1:45:01 AM MST | Karma Finance Video | YouTube channel Karma Finance reports on the rug pull and resulting price crash[13]. The price was reportedly trading well above the $10-$20 mark, but at the time of the video there was a 100% drop and the website is completely "banished". It references the "CertiK Security Leaderboard" post confirmation and reports that the community is closely monitoring the situation.

Technical Details

TBD

Total Amount Lost

The total amount lost is unknown. TBD

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?


[14]


"We’ve received inbounds that may indicate high risks regarding to a project named Zodiac DAO. The twitter account is gone and we wish the community DYOR enough before interacting with the dApp."


CertiK Security Leaderboard Tweet

The CertiK Security Leaderboard shared a Tweet to warn the community[12].

"#zodiacdao has been identified as a #rugpull. Their twitter account @zodiacdao_bep20 has been deactivated.

The team is currently looking into it.

DO NOT interact with this project!"


Karma Finance YouTube Video

YouTube channel Karma Finance reports on the rug pull and resulting price crash[13]. The price was reportedly trading well above the $10-$20 mark, but at the time of the video there was a 100% drop and the website is completely "banished". It references the "CertiK Security Leaderboard" post confirmation and reports that the community is closely monitoring the situation.

Ultimate Outcome

TBD

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

Ongoing Developments

TBD

Individual Prevention Policies

The Zodiac DAO project smart contract was not independently reviewed. Individuals should ensure that project funds are stored in a proper multi-signature wallet with keys held by reputable individuals.

Avoid the use of smart contracts unless necessary. Minimize the level of exposure by removing or withdrawing assets whenever possible. Aim to choose smart contracts which have obtained third party security audits, preferably having been audited by at least three separate reputable firms. Pay attention to the audit reports, which smart contracts are covered, and whether the smart contract has been upgraded or modified since the report. Ensure that any administrative functions with the ability to remove funds from the smart contract are under the authority of a multi-signature wallet which is controlled by at least three separate and reputable entities.

Any time that you are promised any profit or benefit in exchange for an initial payment, smart contract approval, or deposit, take special care to check whether the entity making that offer is trustworthy, actually who they say they are, and has the means to fulfill what they're promising. There are no magic algorithms providing guaranteed returns from trading or mining. Trading on average will lose money. Mining is expensive and complex. No one is going to immediately send back more than you sent them. NFT projects will rarely announce a surprise mint in only a single location. Are you fully prepared for the event that your money is kept and nothing is delivered in return?

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Members of the Zodiac DAO team could have ensured that funds were stored in a proper multi-signature wallet with reputable key-holders, which would have prevented the theft of the funds without the consent of the vast majority of key holders. For other wallets and exchanges, increased user education can help users avoid participating in risky projects.

Zodiac DAO Platform

The Zodiac DAO team could have ensured that funds were stored in a proper multi-signature wallet with reputable key-holders. This would require multiple members of the team to approve any funds being spent outside of the intended development path.

All wallets, minting functions, and critical infrastructure should be implemented with a multi-signature requirement, with a recommended minimum of 3 signatures required. This means that making important changes or approving spending will require the keys held by at least 3 separate individuals within the organization to approve. The multi-signature should be implemented at the lowest layer possible, all key holders should have security training, and all key holders should be empowered and encouraged to exercise diligence.
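
One way to check the multi-signature recommendation made here and under Individual Prevention Policies, as an added example that is not part of the case study and says nothing about Zodiac DAO's own contracts: it classifies who controls a contract's admin role from JSON-RPC results. It assumes an Ownable-style owner() getter and a Safe-style multisig exposing getThreshold() and getOwners(); the function names, addresses and RPC responses are constructed for illustration.

```python
# Added example: classify the admin of a contract from JSON-RPC results.
# Assumptions: admin is exposed via owner(); the multisig answers the
# Safe-style getters getThreshold()/getOwners(). All sample data is constructed.

OWNER = "0x8da5cb5b"          # selector of owner()
GET_THRESHOLD = "0xe75235b8"  # selector of getThreshold()
GET_OWNERS = "0xa0e67e2b"     # selector of getOwners()
MIN_SIGNERS = 3               # minimum recommended in the text above


def _words(data):
    """Split ABI-encoded return data into 32-byte words (hex strings)."""
    body = data[2:] if data.startswith("0x") else data
    if not body or len(body) % 64:
        raise ValueError("empty or ragged return data")
    return [body[i:i + 64] for i in range(0, len(body), 64)]


def decode_address(data):
    return "0x" + _words(data)[0][24:]


def decode_uint(data):
    return int(_words(data)[0], 16)


def decode_address_array(data):
    """Decode a single dynamic address[] return value."""
    words = _words(data)
    head = int(words[0], 16) // 32            # index of the length word
    if head >= len(words):
        raise ValueError("offset points past the end of the data")
    count = int(words[head], 16)
    items = words[head + 1:head + 1 + count]
    if len(items) != count:
        raise ValueError("truncated address[]")
    return ["0x" + w[24:] for w in items]


def audit_admin(rpc, contract):
    """rpc(method, params) -> result. Returns (verdict, detail)."""
    def call(to, selector):
        return rpc("eth_call", [{"to": to, "data": selector}, "latest"])

    try:
        admin = decode_address(call(contract, OWNER))
    except ValueError:
        return ("NO_OWNER_GETTER", "no owner(); review the contract's roles by hand")
    if int(admin, 16) == 0:
        return ("OWNER_RENOUNCED", "owner() is the zero address")
    if rpc("eth_getCode", [admin, "latest"]) in ("0x", ""):
        return ("SINGLE_KEY", admin)          # one private key controls the admin role
    try:
        threshold = decode_uint(call(admin, GET_THRESHOLD))
        signers = {a.lower() for a in decode_address_array(call(admin, GET_OWNERS))}
    except ValueError:
        return ("UNKNOWN_CONTRACT", "admin is a contract but not a Safe-style multisig")
    detail = f"{threshold}-of-{len(signers)}"
    if threshold < MIN_SIGNERS or len(signers) < MIN_SIGNERS:
        return ("WEAK_MULTISIG", detail)
    # On-chain data cannot show that signers are separate, reputable entities.
    return ("MULTISIG_OK", detail)


# ---- constructed sample data (not real addresses or contracts) ----
def _word(n):
    return format(n, "064x")


def _addr(n):
    return "0x" + format(n, "040x")


def _enc_array(values):
    return "0x" + _word(32) + _word(len(values)) + "".join(_word(v) for v in values)


TOKEN_A, TOKEN_B, TOKEN_C, TOKEN_D = (_addr(n) for n in (0xA, 0xB, 0xC, 0xD))


def make_constructed_rpc():
    eoa, weak, good, opaque = (_addr(n) for n in (0xE0A, 0x5AFE1, 0x5AFE3, 0x0BAC))
    code = {weak: "0x6080", good: "0x6080", opaque: "0x6080"}
    calls = {
        (TOKEN_A, OWNER): "0x" + _word(int(eoa, 16)),
        (TOKEN_B, OWNER): "0x" + _word(int(weak, 16)),
        (TOKEN_C, OWNER): "0x" + _word(int(good, 16)),
        (TOKEN_D, OWNER): "0x" + _word(int(opaque, 16)),
        (weak, GET_THRESHOLD): "0x" + _word(1),
        (weak, GET_OWNERS): _enc_array([1, 2]),
        (good, GET_THRESHOLD): "0x" + _word(3),
        (good, GET_OWNERS): _enc_array([1, 2, 3, 4, 5]),
    }

    def rpc(method, params):
        if method == "eth_getCode":
            return code.get(params[0], "0x")
        return calls.get((params[0]["to"], params[0]["data"]), "0x")
    return rpc


if __name__ == "__main__":
    rpc = make_constructed_rpc()
    for token in (TOKEN_A, TOKEN_B, TOKEN_C, TOKEN_D):
        print(token, audit_admin(rpc, token))
```

Against a live node, pass a function that forwards to the node's JSON-RPC endpoint and maps a reverted eth_call to empty return data.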

Other Wallets And Exchanges

Increased user education can help users avoid participating in risky projects, and point users to the right tools to validate projects. An industry insurance fund can assist affected users.

Never take for granted the limited knowledge of users of your service and their tendency to skip past provided information. It is recommended to design a simple tutorial and quiz for new users which explains the basics of seed phrases, strong password generation, secure two-factor authentication, common fraud schemes, how Ponzi schemes work, as well as other risks which are unique to the cryptocurrency space. This tutorial and quiz should ensure their understanding and be a standard part of the sign-up or download process which is difficult or impossible to skip.

Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

The incident could have been prevented through a third party review of the project, which would have uncovered the insecure storage of funds outside of a multi-signature wallet and checked into the team. An industry insurance fund can facilitate proper reviews and assist in the event of loss.

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The third parties must not repeat within the past 14 months. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References