White Hat Hacker Saves Foom Cash Funds: Important Lessons About Protocol Security
In a security incident highlighting the importance of quick response in the crypto ecosystem, a white hat hacker successfully recovered lost funds from the Foom Cash protocol. Cointelegraph reports that this decentralized lottery protocol suffered a $2.26 million loss due to a serious exploit, but through coordination between ethical security researchers and professional security firms, up to 81% of the funds—equivalent to $1.84 million—were recovered quickly.
Root Cause: Groth16 Validator Configuration Error
The vulnerability that triggered this incident stemmed from a critical misconfiguration during the deployment of Foom Cash. The main issue was an incorrect setup of the Groth16 validator, the component that verifies cryptographic proofs within the protocol. This misconfiguration created a loophole that allowed attackers to submit fake proofs into the system, so that fraudulent transactions could go undetected by the standard validation mechanisms.
White Hat Hacker Intervention: Heroic Rescue Efforts
White hat hacker Duha played a key role in identifying the vulnerability and taking swift protective action. Duha managed to secure funds spread across the Base blockchain, while the professional security firm Decurity handled the recovery operations on the Ethereum network. The collaboration between these two parties demonstrates how white hat security research and corporate security services can work together to minimize losses during a crisis.
Incentive and Reward System for White Hat Collaboration
In recognition of their contributions, Foom Cash awarded $320,000 to Duha for their white hat hacking efforts in saving the funds. Decurity received $100,000 for the security services and recovery operations they provided. This incentive system reflects an industry standard that is becoming more mature, where protocols and projects allocate resources to reward ethical security researchers who help identify and fix vulnerabilities before larger losses occur.
Lessons and Implications for the Ecosystem
The Foom Cash incident underscores the importance of comprehensive security audits during protocol deployment, especially for systems involving complex cryptographic proofs like Groth16. The successful recovery of funds by white hat hackers also highlights the value of open collaboration between security communities, independent researchers, and blockchain projects in addressing ever-evolving security challenges.