Posts about Algorand
We would like to share with the Algorand community a thread on the recent MyAlgo security incident and our thoughts to support the victims during this challenging time.
As key participants in the Algorand ecosystem, we feel truly sorry for all the victims of this unfortunate event and we understand the need for our ecosystem champions to step up and show support to the entire community at this moment.
First and foremost: If you have not already done so, now is the time to rekey or move the assets to a new Pera Algo Wallet or Defly wallet!
Some of our portfolio companies were significantly impacted by the loss incurred in this hack. As their VC partners, we are working to do our best to provide investment support to mitigate the impact, so that they can recover and continue to operate in the ecosystem.
This is one of the biggest challenges we’ve faced in the Algorand ecosystem and it will require a coordinated effort to make sure that we can, together, bring light to these dark times and move forward towards our future with the least possible negative impact.
As a member of the Algorand Foundation Governance Advisory Committee, we would like to propose the creation of a 50M $ALGO Recovery Fund, anchored with the treasury of the Algorand Foundation and open to contributions from third parties including other ecosystem investors.
In light of unprecedented community urgency, we suggest it should be included as a 3rd measure to be voted on before the end of the current governance period of Q1 2023.
If the community votes in favor and approves the creation of the Recovery Fund, Borderless will contribute 2.5M ALGO on top of the amount that the governance community deems appropriate to be used from the Algorand Foundation treasury.
Due to the total losses and in an effort to make all the victims whole, we propose that the current Algorand blockchain ALGO fees that are now going to the Algorand Foundation treasury wallets should be allocated to this Recovery Fund until the community is fully restituted.
As it relates to the intricacies of restitution through the Recovery Fund, we are extremely eager to help the Algorand Foundation, along with other major ecosystem participants to quickly develop a process and work alongside third parties to have an orderly distribution of funds.
We hope this initiative will be supported by the broader community of Algorand users, builders, node runners, investors and all other participants, and together we will come out of this incident stronger than ever!
Source: https://twitter.com/borderless_cap/status/1633911425822236676
Last week on February 20th it was reported that over 13 million ALGOs were stolen from different users, it appears that all of these users were using a My Algorand browser based wallet. MyAlgo tweeted this morning recommending that all users move assets off any Mnemonic wallet stored on MyAlgo site.
If you have a hardware wallet linked to MyAlgo your crypto should be fine since your seed phrase was never on their website.
It also appears that Pera wallets are not affected buy hardware wallet would be best.
John Woods the CTO of the Algorand foundation made a statement that the hack was not a problem with Algorand itself.
Multiple users have lost millions of ALGOs in this hack
Gard protocol a DeFi platform on Algorand was also affected by the recent hack, no users funds were taken but it appears a portion of their operating funds were.
Things to do
move your funds to a hardware wallet if possible.
move your funds to hot wallet that isn't My Algorand wallet
you could also rekey your current wallet (advanced) https://developer.algorand.org/docs/get-details/accounts/rekey/
First sorry for those affected by this hack.
I have seen a lot of tweets and posts that seem to put blame on Algorand, when in reality it is myAlgo's fault. MyAlgo wallet is not Algorand. It seems like it is a bit of a forgotten project by the people behind it, which may have affected its maintenance and security.
But as a community, we have to stay strong. I really feel we start to have something going on right now. And things look bright. Don't let guys like the OPULOUS CEO destroy all this, cause he feels threatened by Napster and Limewire.
Algorand is on the right path, just hire a CFO for its growth project. Researchwise it is kicking ass, imagine in the next 3-4 years, we could be the first blockchain running full-scale decentralized multiparty computation (MPC) on Algorand, as well as having fully Homomorphic encryption (FHE). See the the paper by the Algorand researchers for an example:
https://eprint.iacr.org/2021/210.pdf
A public blockchain will never get adopted until it reconciles two conflicting forces: its public nature with privacy. This is because companies will never put their sensitive data on a public blockchain without some privacy feature. Healthcare, insurance, land registry, degree certificates data will never be on a public blockchain unless these two forces, public and privacy, are reconciled. And considering the team behind Algorand (Micali, Halevi, Tal Rabin, Hugo Krawczyk, Pekert, and its advisors) are top of their field.
I believe Algorand will be the first to reconcile these two forces.
Hi,
I'm sure you've all heard about the exploit on algorand by now. However MyAlgoWallet claims that there's a risk your seed phrase has been compromised if you've ever authenticated with them. If you have I suggest you rekey your account right now to prevent your funds from getting stolen.
Here is the official pera wallet link:
For defly users:
https://docs.defly.app/app/rekey-an-account
Follow their step-by-step instructions, and be aware that re-keying an account requires complete awareness and understanding of what is going on with your account, performing this operation incorrectly may cause permanent damage to your account and funds.
This has been a truly difficult time for the Algorand community. The security breach has impacted a number of users of the MyAlgo Wallet, a third-party wallet by Rand Labs.
Algorand Foundation is bringing in Halborn, best-in-class blockchain security firm, to investigate and combat this on behalf of those impacted.
We have also engaged Chainalysis to help trace compromised wallet transfers and freeze funds if they are deposited in an exchange that integrates with and acts upon Chainalysis data.
Those affected are our community members and builders and we can only imagine the pain this has caused. Any type of security breach in our industry tests our resilience, but we believe we will move forward together as a community.
Investigations are ongoing with relevant law enforcement agencies in an attempt to recover the stolen funds across the following exchanges and partners: Changenow, Kucoin, and Circle, all of whom are aware of attacker wallet addresses.
If you’ve been impacted, we encourage you to reach out to your local law enforcement authorities, if you have not already.
If you are still holding assets in a MyAlgo Wallet, you should immediately withdraw funds to, or rekey to, newly created accounts outside of MyAlgo, or to a hardware wallet.
If you need help rekeying, follow the tutorials ⬇️
1 - Rekey your wallet on Pera Algo Wallet app: https://twitter.com/PeraAlgoWallet/status/1630991666814353410
2 - Rekey your wallet on Pera Algo Wallet web app: https://twitter.com/PeraAlgoWallet/status/1630284001561681920
3 - Rekey your wallet on Defly: https://twitter.com/deflyapp/status/1630576504424783872
Source: https://twitter.com/AlgoFoundation/status/1633212651655274497
---------------
In addition: if you are affected by the attack, please report to Nimble. They are leading the investigation together with Vantage Point Security and their insurance people are trying to find a way to recover the stolen assets
To get updates and stay up to date, please join their Discord https://discord.gg/FqGEa3Bv3d and fill out these forms https://forms.gle/wg9nSkjzjXzejhkQA and https://forms.gle/9EsTQTALqCV7YjeG9
I think we can all agree that tps numbers can be hard to compare between chains. Some chains can pin 10000s of native token transfers, but things get weird when you start to compare smart contracts.
Last year, I posted about this metric in the Algorand subreddits for determining throughput of different blockchains in the fairest way possible. That is using an AMM “uniswap-style” swap as the benchmark.
The authors of the medium article linked in my original post tested the smart contract throughput of some of the top smart contract platforms empirically, and they found that these chains to have the following AMM-swap tps limits:
Solana Mainnet Orca - 273 swaps
BSC pancakeswap - 195 swaps
Polygon quickswap - 95 swaps
Avax Trader Joe - 176 swaps
Celo Ubeswap - 50 swaps
Ethereum uniswap v2 - 18 swaps
Immediately after the 6k tps upgrade, I made a post about Algorand's ability to perform these AMM-style swaps which was estimated using the assumption that an AMM swap would require four txns per swap. This estimation came out to about 1625 swaps per second. At the time this was very impressive because the next fastest chain was Solana capped at being able to do 273 swaps per second.
People foreshadowed in the comments on one of my previous posts saying that it could definitely be done in less than four transactions, but I wanted to be conservative at the time.
Today, I saw on twitter that one of the developers from Vestige actually empirically tested this on the MAINNET and proved that Algorand can do 2881 AMM-style swaps per second. You can see the on-chain evidence in this block.
Algorand literally dwarfs these other chains in smart contract efficiency10.5x more than Solana Mainnet Orca - 273 swaps
15x more than BSC pancakeswap - 195 swaps
30x more than Polygon quickswap - 95 swaps
16x more than Avax Trader Joe - 176 swaps
57x more than Celo Ubeswap - 50 swaps
160x more than Ethereum uniswap v2 - 18 swaps
3.5x more than all of them combined - 807 swaps
If anybody can do this experiment for other popular Layer 1s like Tezos, NEAR, or Elrond or the Layer 2s on ETH, I would love to include them here.
Please be respectful in the comments :)
It's pretty shitty what Glitter has done and taken what one company has done (MyAlgo) and made it seem as our entire Blockchain is defective and a risk, just so they can make some extra money... They literally called for a bank run on Algorand and used hashtag AlgoFam in the same breath. Read their Twitter, they are doing nothing but mocking us and stepping on us for their own gain. I say we band together and let them know how we feel on their Twitter. (By the way, they openly admitted to not following best practices security protocols and letting their own wallet get hacked - who would want to use a service like that?). Let's go show them and the world on Twitter who the real AlgoFam really is. Their Twitter handle is @GlitterFinance, let's go blow it up. They are dead to us.
https://twitter.com/GlitterFinance/status/1633425073884282884?t=oeZpUuBneNX1S2qOi7ZhdA&s=19