The most important things first: all your funds are safe. No actions need to be taken, except revoting for a baker.
Detailed description of the accident.
Yesterday, in the process of developing a new version of QuipuSwap and covering it by extra tests, we have found a vulnerability in smart contracts for FA 2 token pools that could be used to withdraw liquidity from the old QuipuSwap FA 2 pools.
In order to protect our users from potential risks of losing funds we have decided to use this vulnerability and remove FA2 token liquidity pools from QuipuSwap versions 1-1.1 and place these funds to a new safe DEX version.
The biggest pools that were moved: USDS, hDAO, sDAO and other FA2 token pools with a balance of more than 8 tez.
In the process of migration the QuipuSwap front-end was closed to exclude the possibility of user interaction with the vulnerability affected smart-contracts.
All your funds are safe and you may get them by logging in to QuipuSwap with your wallet.
MadFish compensates all potentially missed baking rewards by sending XTZ to the new smart contract, and they will be distributed in 30 days among Liquidity providers proportionally to their shares as usual.
In case you have voted for a baker in the Governance tab, you will need to repeat this action again.
Pools with FA1.2 tokens weren't affected by vulnerability and are safe to use.
We are going to post all the technical information about the vulnerability during the next week.
How shares migration happened?
Before the event each user had the liquidity tokens and there were the rate of XTZ per each LP share i.e each user owned some value in XTZ in the pool and the corresponding amount of tokens.
xtzPerShareold = totalLockedXtzold/totalSharesold
userXtzValueOfSharesold = xtzPerShare*userSharesold
The liquidity of each pool was drained to the separate account. If there were the same token pairs in Quipuswap version v1 and v1.1 the tokens were collected on the single account after the rescuing from the old pools. All the liquidity has been invested to the new Quipuswap and each new share got the new underlying XTZ value that can be calculated as followed:
sharesPerXtznew = totalSharesnew/ totalLockedXtznew
Then the shares that user should receive can be calculated as:
If the user had the shares in both v1 and v1.1 QuipuSwap of the same exchange pair both positions have been refunded applying the same principle.
Answers on your possible questions:
Why wasn't this vulnerability detected before?
Even though our team and the external company audited QuipuSwap smart contracts, it was hard to detect all possible code correlations. It was a reason why we continued developing and launching different tests to simulate potential attacks on our DEX. Unfortunately, one of the tests was successful.
May you provide guarantees that QuipuSwap is safe?
We may guarantee that we are doing our best to make QuickSwap the best and secure DEX on Tezos. We will continue to conduct different tests and create more validations to protect our users.
What about sDAO farming pools?
As long as we didn’t want the sDAO/XTZ liquidity to get stuck in the SalsaDAO staking pool after migration, it was decided to redistribute all the new migrated sDAO/XTZ LP shares directly to the users who staked their assets in their contract. So if you had QuipuSwap liquidity locked in the SalsaDAO contract, you may check it in the “Invest” -> “Remove Liquidity” -> Enter sDAO contract address “KT19ovJhcsUn4YU8Q5L3BGovKSixfbWcecEA” and token id “1” to see your liquidity.
I want to ask questions, where should I write?