Paid Network
HackedDeFi · $PAID · ✝ 2021
A privileged mint function turned the token to confetti.
Paid Network was a DeFi platform building smart-contract-based legal agreements. In March 2021 an attacker exploited a privileged minting function to mint and dump enormous amounts of PAID, causing roughly $27M in damage and crashing the token.
- Peak
- ~$27M stolen
- Cause
- Hacked
- Year of death
- 2021
☠️ Cause of death
A compromised or abused privileged mint-and-burn function allowed the attacker to infinitely mint PAID and dump it on the market.
📓 Lessons left behind
- —Privileged mint functions are a loaded gun pointed at holders.
- —Renounce or timelock dangerous owner powers.
- —Protect deployer keys as if the whole supply depends on them.
🌱 The idea that survived
Minimal privileged powers
Reinforced renouncing or timelocking owner mint capabilities in token contracts.
#defi#infinite-mint#private-key#ethereum