What happened?
On February 18th, specific NULS POCM restaking smart contracts associated with the NULS ecosystem’s SCO platform were subjected to an attack. We have since taken immediate action to rectify the situation and fully restored the functionality of the SCO platform at this time.
Immediately following the attack, we deployed a network upgrade successfully and triggered the returning process from the POCM contracts, all NULS assets staked on attacked POCM contracts were returned to the stakers and the rest will be distributed soon.
Simultaneously, the remaining tokens in the POCM contracts were returned to the POCM creators’ addresses.
What is next?
As the SCO platform is now restored, we remain committed to actively aiding affected projects in their contract re-deployment efforts. The community will be able to re-engage with their favored projects and participate once again in the staking process once re-deployment is complete.
At the same time, the re-distribution of the NULS will be completed upcoming days.
What is SCO and POCM?
The SCO Platform is a restaking protocol built on NULS that allows projects to issue and distribute project tokens to interested stakers through smart contracts, the protocol embedded inside the smart contracts and the smart contracts themselves are called POCM which stands for Proof Of Credit Mining. Users Stake into a project’s chosen nodes and earn their tokens as rewards.
The POCM contracts stake the NULS committed by the user to the network itself generating rewards that can only be claimed by the project’s NULS address.
Projects can use the NULS consensus rewards to bootstrap and help fund development or can choose to send these NULS directly to a liquidity pool that will help them to increase their liquidity and hence potential trading volume.
Unlike IEOs and ICOs, Stakers never risk their principal, and NULS are always in their full control, guaranteed by the POCM smart contracts.
Earn project tokens while your device is off! As a universal SCO Platform, thanks to our partner’s blockchain Nerve Network, POCM can issue and distribute tokens and assets from any blockchain supported.
More information
A total of 3,725,981 NULS was transferred during the incident, with 2,057,185 NULS returned to the community fund and 1,668,796 NULS sent to various decentralized exchanges and other addresses.
The attacker’s account can be found here:
https://nulscan.io/address/info?address=NULSd6HgZSvGCrF3GqzHHrGRZhu6tcKt6VXV3
Some of the hacked assets were converted into ETH through intricate pathways, but are still traceable: https://etherscan.io/address/0x5af37540df2356ee639a3d8672a20a5cc51e0a9f
A validation function was bypassed considering a very rare case not considered by the NVM.
Following discussions within the NULS community council, it was decided unanimously that all affected staking users will receive full compensation soon. The process has been already initiated the assets will be distributed from the community fund.
We are actively tracking these assets and encourage security firms and enthusiastic community members to assist in the recovery process. If the lost assets are successfully retrieved, 50% of it will be allocated to reward the individuals involved in the recovery process. We guarantee full anonymity if required to guarantee a smooth process.
We strongly believe that there exists top talent in the industry that needs the right incentives to help us and the whole industry to fulfill the necessary security guarantees that are expected by users, to achieve this goal we will launch a Bug Bounty program, in which developers who make significant contributions to the security aspects of the NULS network will receive substantial rewards. The details of this program will be released upcoming weeks.
THANK YOU!!!
We extend our heartfelt appreciation to our partners and the community for their unwavering support throughout this ordeal.