Proposed by:
Requested amount:
0 DOT

#1322 · Referendum #1322: Rebond DOT from Parallel Fi accounts - Description below

Goal of the Proposal:

  • To rebond all balances related to the attack.
  • The approach does not impact the sovereignty of the funds but delays availability of funds
  • It allows the Parallel team to win time and explore alternatives to regaining control of their parachain governance.

Context:

An account took control over Parallel Fi governance, upgraded the parachain's runtime and used it to transfer out over DOT and USDT. The account executed a malicious runtime upgrade, introducing a custom "sudo" pallet, granting themselves administrative privileges on the parachain. Through the proxy account, they successfully transferred DOT from three of the parachain’s DOT staking ledger accounts to their account. To obfuscate the trail, the account moved assets across parachains: including from AssetHub USDT to Moonbeam (most channels between parachains have been closed by now). The account is still actively unstaking staked DOT through an added proxy.

To fix this a root proposal is needed: however given the time calculated until unstaking ends, might make a root proposal unsuccessful. This whitelisted proposal aims to issue a simple rebond call to restake the DOT to buy additional 28 days of time for Parallel: providing time for the team to look into options to regain control of its parachain governance. The addresses in which DOT is to be rebonded are:

14quGMw2tot6JxY2wSyk1Vc1uns3EmMRs2eQS2C66Mdv6uE9 (22.649 DOT) 19cnUyebu52RUt4Rt67brDmmnVdaDD37xdxKbaJ7tuLnLfu (74.614 DOT) 16kTs7tsJ6tYYWAXSWDmm4vYnRTFPWEhXTk4rNCtbw6NRvte (1.566 DOT) 16ZbwPMyrp9yTbPScDqm9btzcNVKKQ5MHcMQp4rA1ztF4sBA (101.322 DOT) 1dMif8G4jrXsdPSkvF87uBfaiahh2EvC9fPnsi91v4i1xKC (3.413 DOT)

These addresses hold Parallel Fi funds.

Call data: here.

Preimage hash: here.

This proposal, given its root need, has been submitted via Whitelisted Caller Track. A proposal to whitelist the submission is up for vote on Technical Fellowship as well. Please note that relay chain is not affected by this event but we aim to assist the Parallel parachain community in taking back control of these accounts.

Please make sure to review and vote at your convenience!

Read more
StatusDeciding · 25d
99%Aye
Aye (418)
38.011M DOT
Nay (5)
4.11K DOT
Decision2 / 28d
0.0%14.5%
11.6%Support Threshold
0Support Threshold
Support(1.02%)
15.36M DOT
Issuance
1.51B DOT
Vote
Dec 1

For transparency purposes, we have provided a more detailed discussion post here. Please check out the Google Doc link included within.

https://polkadot.subsquare.io/posts/396

Dec 1

Parallel Team Update

In the past 15 hours, the hacker transferred all remaining DOT to Moonbeam and utilized cross-chain bridges to move the funds to Ethereum. Currently, the hacker holds a close to 0 balance on Polkadot.

We strongly urge our community to vote on this proposal to recover/rebond the remaining 125,000+ DOT as quickly as possible and regain parachain control subsequently.

Transaction details: Etherscan Link: https://etherscan.io/tx/0x3d131a8f255e8a1b7a991f9b3a607ac550c1b5275917d147488c6d3f918da805 https://etherscan.io/address/0xf6b852758a34c31641994ca6b4357b34ad1c18dc#internaltx

Polkadot Subscan Link: https://polkadot.subscan.io/account/16cm11H5g5ZgiaqGL6FYDQVDFGPfujLe8kadQA36BdcTuwRt?tab=transfer

sourabhniyogiNov 30

Dune is now up to date for everyone to take a look, courtesy of gatotech.network, thank you @0xTaylor_ for taking the initiative

Nov 30

helixstreet always strives to do good.

XGhostXNov 30

Why should the network intervene in a parachain's personal problem? It sounds like this is Parallel Fi's fault.

"Immutable" blockchain until some team's bad design is compromised - then suddenly the blockchain isn't immutable, anything can be changed over a vote, and token holders can do whatever they want.

This is a bad precedent to set. Why should I vote for this? So someone can come and steal my own cryptocurrency in the future, as long as they have an excuse that appears justified to voters?

We should not be compromising the future of the network over Parallel Fi's mistake IMO. I understand that people want to "do good" with this but I'm concerned about the longterm implications. 

Nov 29

Can you do something similar for the equilibrium team? They never renewed their parachain and there are many funds like dot, ldot and vdot blocked without being able to withdraw them.

Nov 29

For transparency purposes, I am sharing a submitted proposal/discussion from the attacker: https://polkadot.subsquare.io/referenda/1326.

My request: to rebond the tokens at risk to provide for more time to analise the situation (comment here).

1hCMdtRsaRA4ZTEKpPKPvEjK9rZpGhyFnRHSDhqFMCEayRLNov 29

If the attackers of Parallel Fi governance, have the sudo key can't they just make more or unbond right away?

@dwulf69 Yes, they could unbond right away but this would provide the Parallel team with 28 days extra days to try and solve access to the parachain governance.

14aZsGMA4aPrSuV4MSSpumtYwxuNNrDc3vHu12K85xYh9qcBNov 29

If the attackers of Parallel Fi governance, have the sudo key can't they just make more or unbond right away?

@dwulf69 Unbonding takes 28 additional days after rebonding. This buys time for Parallel team to do the needful to protect their funds

Nov 29

If the attackers of Parallel Fi governance, have the sudo key can't they just make more or unbond right away?

Powered by Subsocial