ParaSpace Team at Odds With Founder Over Missing Funds

ParaSpace Team at Odds With Founder Over Missing Funds

ParaSpace, a decentralized NFT lending protocol, shared today that not all of the funds were returned from the exploit that occurred back in mid-March and resulted in 2,909 ETH being recovered. At the center of the controversy is ParaSpace founder, CEO, and CTO Ruan Yubo, who's been accused of misappropriating over 50% of the user funds that were recovered.

❗ Why It Matters

ParaSpace is one of the largest NFT Fi protocols and a place where many BAYC, MAYC, and BAKC holders stake their assets for $APE. Because over 50% of funds from the March exploit were unreturned, there are no longer enough available funds from the initial amount to cover the hole in the protocol treasury.

So this news is concerning on many levels, particularly after ParaSpace had already indicated in the aftermath of the exploit that "all user funds and assets on ParaSpace are safe and secure. No NFTs were compromised and financial losses to the protocol are minimal." Trust issues abound every day in this space...

🔙 Back It Up

On March 17, 2023, ParaSpace faced an exploit due to a vulnerability in one of ParaSpace’s smart contracts, which allowed the hacker to borrow additional tokens through a six-step process. Blockchain security infrastructure firm Blocksec initially flagged the issue before proceeding to intercept the hacker. The blackhat’s contract didn’t use enough gas, so the transaction failed. Blocksec recovered 2,909 ETH (~$5 million USD) and returned the funds to ParaSpace.

The Deets

  • In March, ParaSpace recovered $5M from the hack, but the team now claims Ruan kept over 50% of the user funds for himself.
  • All user funds and assets are safe and cannot be accessed by Yubo.
  • Ruan has allegedly refused to comply with the team’s requests to return the funds and step down from his roles as CEO and CTO.

The Details

19 team members (including COO Thomas Schmidt and Chief Business Officer Jay Yao) have accused founder and CEO/CTO Ruan Yubo (@yuboruan) of misappropriating the users’ funds in question. The funds are administered by an EOA wallet (0x909...) owning the names ruanyubo.eth and paraspaceinsurance.eth (which actually redirects to yubo.eth).

From these user funds, since the hack, over $1,000,000 USD has outflown to various unknown wallets as well as to CEXs and Circle redemptions. The remainder of the user funds, vulnerable to ETH price fluctuations, are deposited in a user-type account on ParaSpace itself, earning further interest from users.

The team secured the protocol’s multi-sig, and removed Ruan Yubo as well as any addresses not directly controlled by the team. Additionally, they've added 2 team member addresses, increased the required signatories from 2 to 4 out of 5, and removed Yubo’s access and any addresses not directly controlled by the team from emergency admin roles in the protocol.

ğŸŽ¤ Founder Feedback

ğŸŽ¤ Community Quotes

 

🧠 Learn More

On the "ParaSpace Current Updates" Twitter Spaces earlier today, the ParaSpace team shared their knowledge of the situation, recovery efforts, and the current status.

 

Disclaimer: The author or members of the Lucky Trader staff may own NFTs discussed in this post. Furthermore, the information contained on this website or the Lucky Trader mobile application is not intended as, and shall not be understood or construed as financial advice. AI may have assisted in the creation of this content.