Internal Job? Terraform Labs’ Wallet is Suspected to Have Caused the UST Attack (Report)
- The TerraUSD and LUNA scandal from last month may have been an inside job, according to an inquiry.
- The two native digital assets created by Terraform Labs last month quickly depreciated, leaving only a failed restarting project. This attracted the attention of the whole cryptocurrency world. However, a recent analysis by the security firm Uppsala Security revealed that Terra itself is connected to and managing the wallet that was used in the hack.
- Last month, Terra’s algorithmic stablecoin (UST), which was meant to be redeemable 1:1 with dollars, lost its peg and became arbitrage-profitable against LUNA. The values of both assets fell to pennies in a couple of days, which sparked a panic and sell-off throughout the market.
- Regarding what actually happened, more information is coming to light. Recent investigations have been launched by the US and South Korea, and numerous watchdogs have detailed plans to include regulations on the sector and stablecoins in particular.
- The initial phase of Uppsala Security’s research reveals one address that has been linked to the initial run against UST and its de-pegging.
- It was given the name “Wallet A” by the company, which concluded that it might be “owned or controlled by Terraform Labs (TFL) or Luna Foundation Guard (LFG) themselves, or their related parties.”
- The investigation revealed numerous accounts that were somehow connected to what happened, some of which were registered on Binance and Coinbase, as well as the manner in which they exchanged UST, USDC, and USDT.
- A “wallet associated with TFL removed approximately 150m of UST liquidity from Curve pool” was the first action that caused the de-pegging. Later, Wallet A exchanged USDC for 85 million of the algorithmic stablecoin in the same Curve pool before sending the new cash to a Coinbase user account. This transaction is difficult to trace without the exchange disclosing user data.
- Instead, according to Uppsala Security’s data, Wallet A’s Ethereum mainnet funds originated from the Terra mainnet through the Wormhole. “terra1yl” (Wallet A(T)) was the name of the associated wallet on Terra.
- Memo: 104721486 was being used to identify the precise Binance account into which Wallet A(T) was depositing UST. By May 25, it had acquired about 124 million UST since it began accepting UST earlier this year, the majority of which came from Wallet A. (T).
- “On 2022-05-07 alone, the day the de-pegging of UST started, Wallet A(T) deposited a total of 108,251,326 UST into Memo: 104721486. Up until 2022-05-07 21:44 UTC, when TFL initially pulled 150m of UST liquidity from Curve pool, a total of 10 incoming transactions were made into Memo: 104721486, raising the likelihood that Wallet A(T) and Memo: 104721486 may have been aware of the impending UST liquidity withdrawal.
- Due to a tweet from the team, the initial address that sent UST to Memo: 104721486 was recognized as a wallet managed by LUNC DAO. This account (terra13s) had previously sent 19 million luna to another address (terra17p), which in turn had sent 100 million luna to another address (terra1gr), a validated LFG wallet.
- Terra13s and Terra1t0 were the initial and early depositors in another user wallet on Binance (Memo: 100055002), which had received 2,665,579,215 UST up to May. The relationship between all addresses is more clearly depicted in the second image. In response to the discoveries, Uppsala Security CEO Kim Hyung-woo stated: “It was proven that not just Wallet A but also the wallet connected to it were maintained by Terraform Labs and affiliated firms. There is a need for authorities to look at linked exchanges like Binance, as it looks to be.
Read More From Us: Play n Watch