On March 9th, 2024, at 06:06:59 AM +UTC, the $JUICE Staking contract was victim to an exploit, draining 1,303,811 $JUICE Tokens. The attacker swiftly sold the tokens on Uniswap, netting approximately 54 ETH.
Exploit Analysis
The attack occurred at 06:06:59 AM +UTC and involved a vulnerability in the staking contract. This vulnerability allowed the attacker to manipulate the system and drain the liquidity pool and user-staked tokens for approximately 54 ETH.
A look at one of the contract drain transaction
Recovery Plan
Staking token recovery
- All $JUICE holders staking before the exploit will receive an airdrop equivalent to their original staked amount (totaling 813,995 $JUICE).
Bonus airdrop
- An additional 10% bonus airdrop will be provided to directly impacted stakers (totaling 81,399 $JUICE).
Token buyback and burn
- Over four weeks, 50% of the team’s ETH reserves (44.5 ETH) will be used to repurchase $JUICE tokens from Uniswap (March 10th — April 14th, 2024).
- These repurchased tokens will be permanently removed from circulation through burning.
- Utilizing 100% of the token tax for buybacks and burns over the same four-week period.
About Olympix
Olympix is a pioneering DevSecOps tool that puts security in the hands of the developer by proactively securing code from day one.
Join our beta program to fortify your smart contracts and proactively shield them from exploits in the evolving Web3 security landscape.
Connect with us on:
Twitter | LinkedIn | Discord | Medium | Instagram | Telegram | Substack
