Nirvana Finance Resumes: The First Case Convicted Due to a Smart Contracts Attack

Last week, several significant events occurred, including the Federal Reserve's relatively aggressive cut of 50 basis points and the Bank of Japan's decision to maintain its policy. These events suggest that there may not be excessively negative information in the coming weeks. While paying attention to these macroeconomic trends, we mainly need to focus on two key points: whether the labor market recovers as expected, and the risk of inflation reigniting.

However, a noteworthy piece of news is that the algorithmic stablecoin project Nirvana Finance on Solana has announced the relaunch of its V2 version. The project was forced to suspend operations after suffering a hack in July 2022, resulting in a loss of over $3.5 million. The recent relaunch indicates that the relevant judicial authorities may have completed the recovery and transfer of the stolen funds. This event could become the first case in the United States to convict due to a smart contracts attack, marking a milestone for common law countries and is expected to significantly enhance the efficiency of handling similar cases in the future.

Background of Nirvana Finance's Flash Loan Attack

Nirvana Finance is an algorithmic stablecoin project within the Solana ecosystem, launched in early 2022. On July 28, 2022, the project was hacked, and all collateral (approximately $3.5 million) was stolen. Although the project contract was not open-sourced, the attacker was still able to exploit the flash loan feature of a lending platform to carry out the attack, raising some questions about the project team.

It is worth noting that the project claimed to have completed "automated auditing" before the attack occurred, but it turned out that this auditing did not serve its intended purpose. Project co-founder Alex Hoffman stated in a media interview that the team had just begun the auditing work during the week the attack happened. He admitted that the project did not anticipate such widespread attention in its early stages, until it attracted interest from some Chinese media, resulting in a rapid increase in Total Value Locked (TVL).

After the project achieved initial success, the CEO of a well-known blockchain platform personally suggested conducting a smart contracts audit and attempted to expedite the audit process. However, after the collateral was stolen, the project came to a standstill, with only official personnel continuing to maintain the community.

Turning Point of the Case

The situation took a turn on December 14, 2023. Shakeeb Ahmed, a former senior software security engineer at a tech giant, admitted in the Southern District Court of New York to computer fraud charges related to the hacking of Nirvana Finance and another decentralized cryptocurrency exchange. The prosecutor's office stated that this is the first case in history to result in a conviction for hacking smart contracts.

On April 15, 2024, Ahmed was sentenced to three years in prison for invading and defrauding two cryptocurrency exchanges. Subsequently, on June 6, the stolen funds were transferred back to the project's designated account, marking the official recovery of the funds.

The truth of the case comes to light

In fact, the root of the entire case is another decentralized exchange, and Nirvana Finance was actively disclosed after the hacker was captured. Ahmed was a senior security engineer at an international technology company during the attack, specializing in smart contracts and blockchain audits, and was proficient in software reverse engineering techniques.

According to documents released by the U.S. Department of Justice, the case originated from a decentralized exchange that was attacked in July 2022, resulting in a loss of approximately $9 million. Ahmed attacked the platform through a flash loan and proposed a $2.5 million "white hat bounty" condition.

As for the reason why Ahmed was ultimately arrested, there may be two explanations. One is that the attacker interacted with certain exchange addresses; the other is that there was a lapse in the use of a certain mixing protocol, leading to funds being traceable. These clues may have helped law enforcement ultimately capture him in New York.

In any case, the recovery of stolen funds is a positive outcome. This case highlights the importance for DApp developers to place a high priority on fund security, while also providing a reference for the handling of similar cases, which may have a certain deterrent effect on related criminal activities.