BCCN3

View Original

AkuDreams Smart Contract Failure

AkuDreams launched an NFT project called Akutars featuring a young astronaut in a variety of costumes and holding different accessories. Using a Dutch Auction method, the floor price during public mint was able to remain at a stable level for holders who were enticed by its profitable utilities. 

It was the perfect collection for many until a small coding error caused the team to lose $34 million dollars gained during mint which is now locked away in a smart contract forever. While the team has committed to refunding as much money as possible to customers, the entire situation could have been averted by taking a few extra steps. 

What are Testnets

Testnets are a common system used by blockchain developers to simulate smart contracts on a mock blockchain before deploying onto the mainnet. They are an extremely important part of the development process because smart contracts are final. 

Once deployed, there is no way that a smart contract can be altered or amended. This is because Ethereum famously follows the principle Code is Law which is the regulatory framework that keeps all transactions on the Ethereum blockchain immutable. 

However, any developer will tell you that it is foolish to always expect a program to be perfect at launch, let alone every project ever developed for a popular network like Ethereum. Testnets exist because they offer blockchain developers the freedom to make mistakes with no risk of losing funds in the process. 

The Eth used in testnets holds no monetary value and can’t be used with the mainnet which allows developers to check through mistakes until everything is correct. In fact, this is one of the primary reasons that the Ethereum 2.0 merger has taken so long because there is only one chance to deploy the smart contract and if it is not perfect then the entire blockchain will crumble. 

It cannot be stressed enough that if AkuDreams did a better job of using testnets to detect coding errors this entire situation could have been avoided. 

Have an Auditing team examine your smart contract

Another method to prevent this for future projects is to hire an independent auditing team. Similar to a lawyer, an auditing team is hired to look through the contract to identify and correct any mistakes that they see. 

It is their job to help finalize the smart contract before deployment so that no issues arise afterwards. Unfortunately, this was not the case for AkuDreams as they did not hire any auditing team and ignored concerns that came from the community. 

Listen to the community

Days before AkuDreams deployed their smart contract, concerns were raised by two individuals - Hassan (@notchefbob) & Bender (@0xBender). Hassan initially tried reaching out to the AkuDreams team urging them to review their smart contract knowing that exploits were present in the contract. 

The team contacted Hassan, but ultimately wrote off his worries as FUD and dismissed the issue. Shortly after, a grief hacker was able to exploit the project's code and showed its weakness before disappearing without any theft. This was then tweeted about by a well known influencer named Bender who has over 80,000 followers.  

By now it was obvious that AkuDreams was headed towards serious trouble, but they failed to listen to their community which can never happen. NFT projects are driven by community support. 

It is a true reflection of value for a project because community members are the ones ultimately purchasing the non-fungible tokens. When someone from the community points out a flaw or has concerns about a project it is because they are invested in that project and want to see it succeed. 

In the end, listening to Hassan and delaying the project by another day or two needed to happen. 

Repairing the damages

While it’s easy to point the finger at everything AkuDreams did wrong, the team themselves have already begun their best to repair the problem and have successfully delivered as many refunds as possible; being transparent about what happened. 

It’s more important that we look at what caused the situation and learn from it because locking away $34 million dollars forever is not a mistake that can be allowed to ever happen again. What we know now is this - use testnets, hire an auditing team, and listen to your community. 

Following these three standards during smart contract development can drastically reduce the chances of another massive coding error similar to this from recurring.