FreeCryptoCurrency.Me

New York-based investment advisor Ritholtz Wealth Management and exchange-traded fund and asset manager WisdomTree investments are jointly launching a crypto index fund. 

Dubbed the RWM WisdomTree Crypto Index, the new index consists of 36% Bitcoin, 20% Ethereum and 4% of 11 other crypto-related assets in a separately managed account, according to a company release.

The index also gives investors exposure to decentralized finance and the metaverse, such as through SushiSwap and Decentraland, in addition to layer-2 protocols and oracles. The index will be managed by registered investment advisors (RIAs), the companies said.

Besides collaborating with WisdomTree, Ritholtz also partnered with the crypto exchange and custodian Gemini as well as the crypto asset management firm OnRamp for integration to help launch the new crypto index. 

Founded in 2013, Ritholtz currently manages over $2.3 billion in assets.

© 2021 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Cryptocurrency traders have been gripped by a drawdown that executives in the market say is tied to institutional selling. 

The price of bitcoin plunged below $43,000 overnight Saturday, falling from highs near $57,000 during Friday’s session. While the price of bitcoin has since pared some of those losses — trading above $49,000 at the time of writing — trading executives tell The Block that large institutional selling triggered a broader market shift.

Specifically, one trading executive said that there appeared to be an institution that sold more than $500 million in bitcoin on Friday morning. 

That selling triggered “aggressive liquidations” in the crypto derivatives market, the person added. As noted by The Block’s Larry Cermak, the market saw more than $1.3 billion in long positions liquidated in the move from $51,000 to $42,000. Total open interest in the derivates market also fell from $21.6 billion to $16.7 billion in less than an hour. 

Such liquidations are not atypical in the crypto market. Over the last year, certain market drawdowns have been exacerbated by over-levered traders on offshore venues being liquidated. 

“Everyone has had a good year, and with this player coming from traditional finance, they have their eye on the macro environment which currently looks shaky,” noted Aya Kantorovich, an executive at crypto firm FalconX.

Over the last few weeks, traders across crypto and equities have had to digest headlines related to the emerging variant of COVID-19 known as omicron and indications from the U.S. Federal Reserve that faster tapering might be on the horizon. 

Still, Kantorovich told The Block there are buyers still at play. 

“Across our desk we are seeing a lot of OTC with primarily buyers coming in to take long exposure,” she said. 

© 2021 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Crypto exchange BitMart has been hacked for $100 million, according to security researchers PeckShield.

At 7.30 PM UTC, PeckShield first noticed an excessive amount of outbound transfers. It found that a range of tokens had been sent out of BitMart’s hot wallet, starting at 4.30 PM EST. These tokens included large amounts of meme tokens like shiba (SHIB), plus half a million dollars in the stablecoin USDC.

Other commentators have pointed out that funds have also been removed on the Binance Smart Chain blockchain too, which could raise the amount of funds that has been taken.

The funds have been sent on to Ethereum mixing service Tornado Cash, which will make it harder to track them.

BitMart has not yet confirmed the hack. We have reached out to the exchange and will update this story should we hear back.

For more breaking stories like this, make sure to follow The Block on Twitter.

© 2021 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Quick Take

• In November, there were a number of big exits: some surprising, some controversial.
• Plus Brian Books returned to the crypto industry at a new firm.

This feature story is available to
subscribers of The Block Daily.
You can continue reading
this Daily feature on The Block.

A bug in the Solana Protocol Library (SPL) — a set of reference documents for Solana projects — could have seen attackers steal money from multiple Solana projects at a rate of $27 million an hour, according to security researchers at Neodyme.

The projects that were affected included yield aggregator Tulip Protocol and lending protocols Solend and Larix. These projects currently look after $1.7 billion in funds (although that was considerably higher before today’s market crash). 

Uncovering a billion-dollar bug

In a blog post, Neodyme explained that the bug was first publicly disclosed by one of Neodyme’s auditors, known as Simon, on file sharing platform GitHub in June. At the time, the security researchers did not know if it was exploitable or how big its impact could be. The bug went unnoticed.

On December 1, Simon saw that the issue was still open and the bug hadn’t been fixed. Due to his concerns, security researchers at Neodyme started testing to see if it was possible to exploit the bug, and to gauge how serious it was. The bug was a “seemingly innocuous rounding error,” according to Neodyme, but they quickly found that it had the potential to steal a fortune — in millions of tiny pieces.

The bug worked as follows. Simply put, for Solana apps there’s a mechanism for when you put funds in and take them out. If the protocol followed the SPL reference documents, then they would round funds to the nearest whole number at the point of withdrawal. This would only happen if the user was owed a fraction of the smallest unit of reference, known as a Lamport (this is similar to a satoshi, the smallest amount of bitcoin).

Now this worked both ways. Some people would end up with an extra fraction of their tokens. Other people would end up with slightly less than they were owed. But it would be a minuscule amount per person, and on average would roughly equal out.

But were someone to game the system, the researchers wondered, surely they could end up taking the tiny extra amounts? And were they to do this over and over again, perhaps they could make significant amounts of money.

The researchers tested their theory out in practice on a copy of the blockchain. They submitted a transaction designed to exploit the bug and it managed to steal 0.000001 BTC ($0.047) due to the rounding error.

The researchers estimated they could execute this bug 150-200 times in a single transaction and put many of these transactions in a single block. They figured such an exploit could steal funds at a rate of $7,500 per second, or $27 million an hour.

In terms of how much could be stolen in total, it’s an open question how long this kind of an exploit could have gone on for before it was noticed and protections were put in place. That would depend on how blatant the attackers were and whether they carried out the attack quickly or slowly. But the researchers knew there was more than a billion dollars at risk.

The researchers swiftly contacted multiple Solana projects that they believed were affected by this bug. Since many Solana projects are closed-source, it was a much harder task and they wrongly identified a couple of projects. But they managed to get in contact with Solend, Tulip and Larix, which all fixed the bug.

Since the bug was disclosed, Solana Labs has also fixed the reference documents to make sure that new projects following its instructions won’t introduce it again.

For more breaking stories like this, make sure to follow The Block on Twitter.

© 2021 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Quick Take

• There is a lot of buzz about “Web3,” but it’s hard to keep apprised of major developments across the board due to the lack of a categorization system for Web3 news
• We start to address this issue in the first part of a multipart series in which we analyze major news from four of eight major areas of Web3: Oracles, Wallets, Domains, and Middleware
• We take both qualitative and quantitative perspectives within each of these domains to gather insights at both local and global levels
• We conclude by discussing limitations and some ways to go about organizing Web3 as it comes into being

This research piece is available to
members of The Block Genesis.
You can continue reading
this Genesis research on The Block.

Crypto lending company Celsius Network CEO Alex Mashinsky confirmed in a live stream today that the company lost funds in the BadgerDAO hack earlier this week.

“We are working with Badger to recover all those funds. We are collaborating with them on the investigation,” Mashinksy said.

“I want to make sure every Celsius user understands, when things like this happen, we are the ones who lose, you don’t lose because it’s our job to recover the funds, it’s our job to work with these funds, to select good projects versus bad projects and everything else,” he added.

According to speculators on Twitter looking at on-chain transactions, Celsius Network may have lost around $50 million as a result of the exploit.

The BadgerDAO exploit was a front-end attack where attackers managed to take some control of the main website. When users went to make transactions, the attacker changed the nature of the transactions to steal the funds. In total, the protocol lost $120 million.

© 2021 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

On December 2, Senator Elizabeth Warren wrote to the CEO of Greenidge Generation Holdings, asking about the environmental impact of its bitcoin mining operations in upstate New York and elsewhere.

“I seek information on Greenidge’s operations and the resulting impacts on the environment and local communities,” said Warren’s letter, highlighting that the firm is “serving as a model for other companies seeking to acquire aging fossil fuel plants for the purposes of making the energy generation profitable, a trend that is likely to accelerate after China’s crackdown on cryptomining.”

As bitcoin mining operations expanded throughout the U.S. earlier this year, Greenidge announced that it was buying carbon offsets for its emissions in May. The firm advertises itself as “the first and only vertically integrated power generator and bitcoin miner of scale in the United States that is 100% carbon neutral.”

In a statement to The Block, representatives for Greenidge said:

“We look forward to providing a detailed response to the Senator’s questions, sharing how the facility meets all of New York’s nation-leading environmental standards, is bringing economic opportunity to an underserved area of the state, and is a model for crypto mining with widespread local support.”

Representatives for Senator Warren had not responded to a request for comment as of press time.

Warren has been notably hostile to cryptocurrency mining for years. As mining operations in the United States have picked up over the course of 2021, she has become more vocal in her suspicion of the industry, but she is not the only one.

Greenidge has been at the center of a particularly contentious debate, as it is the most conspicuous operation to reboot one of a number of power plants in upstate New York that earlier state emissions controls had shut down except in the event of power shortages.

Prior to Greenidge’s announcement of its carbon-offset program, New York Assemblymember Anna Kelles introduced a bill to shut down commercial bitcoin mining in the state for three years. A push from a union of electrical workers ultimately stopped that bill from passing into law. 

© 2021 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Quick Take

• This weekly series explores the most interesting insights in NFTs, blockchain gaming, and virtual worlds
• With the increasing proliferation of NFTs across different chains, new projects continue to innovate for the benefit of new launch mechanisms, which often represent a double-edged sword
• As PFP projects keep executing on their roadmaps and build out their own worlds, owners of these NFTs take notice and react in a myriad of ways

This research piece is available to
members of The Block Genesis.
You can continue reading
this Genesis research on The Block.

Quick Take

• Canaan’s recent patent lawsuit against AGM Holdings is conceptually similar to the legal war between Bitmain and MicroBT four years ago.
• It remains to be seen if the “public knowledge” argument by the defendant HighSharp will be able to stand in court.

This feature story is available to
subscribers of The Block Daily.
You can continue reading
this Daily feature on The Block.