Good Morning Crosswise Community
We just wanted to give you an update and re-assure you that we are working on a solution to the situation.
We are as disappointed as you are. We are terribly sorry and will find a way to make it work for our community.
We now know how the attacker exploited our Masterchef contract. What is less clear is why that vulnerability was left unaddressed, and even ironed over. There are some indications that this may have been done with intent, and we will seek legal counsel on whether we need to report the case to law enforcement.
The situation is complex but as a consequence we have had to ask 4 of our developers to leave due to negligence, and perhaps malfeasance.
On a more positive note, not all is lost! We still have some funds left in treasury, innovative code, and a formidable community.
We don't want to overpromise anything so please treat this as provisional information. However we fully intend to get back up and running. Frederic, myself and the rest of the team remain committed to this project, and we're determined to see it to fruition.
What we are doing now is concretely figuring out the steps needed to take a snapshot of user's holdings prior to the exploit, as well as re-evaluating the codebase for further vulnerabilities.
Once we are satisfied with the evaluation, we will finalise the audit with CertiK, and only then redeploy our contracts.
We thank you once again for your understanding and support through these difficult times.
Please read a Statement from Frederic Beeg,
CEO of Crosswise.Finance:
https://crosswise.notion.site/Statement-61e387d65d3f4f02ae2dd0e4b8f10cbf
We just wanted to give you an update and re-assure you that we are working on a solution to the situation.
We are as disappointed as you are. We are terribly sorry and will find a way to make it work for our community.
We now know how the attacker exploited our Masterchef contract. What is less clear is why that vulnerability was left unaddressed, and even ironed over. There are some indications that this may have been done with intent, and we will seek legal counsel on whether we need to report the case to law enforcement.
The situation is complex but as a consequence we have had to ask 4 of our developers to leave due to negligence, and perhaps malfeasance.
On a more positive note, not all is lost! We still have some funds left in treasury, innovative code, and a formidable community.
We don't want to overpromise anything so please treat this as provisional information. However we fully intend to get back up and running. Frederic, myself and the rest of the team remain committed to this project, and we're determined to see it to fruition.
What we are doing now is concretely figuring out the steps needed to take a snapshot of user's holdings prior to the exploit, as well as re-evaluating the codebase for further vulnerabilities.
Once we are satisfied with the evaluation, we will finalise the audit with CertiK, and only then redeploy our contracts.
We thank you once again for your understanding and support through these difficult times.
Please read a Statement from Frederic Beeg,
CEO of Crosswise.Finance:
https://crosswise.notion.site/Statement-61e387d65d3f4f02ae2dd0e4b8f10cbf
The Dapp is under maintenance now.
Don't worry that we need to take it down for some time.
There is no need to worry about it.
Don't worry that we need to take it down for some time.
There is no need to worry about it.
LATEST UPDATE POST EXPLOIT
This was posted in our chats but some of you may have missed it. More updates coming soon:
https://crosswise.medium.com/post-exploit-update-2a24c3370466
Key Points:
- Same Value of LP Tokens stored, Same Price of CRSS, same monetary value in Pools. This will lead to no financial loss for any investor involved and also we will have the exact same status of the DAPP as before the exploit.
- We may also offer some “dip buyers” partial compensation, but we have yet to ascertain the viability of such a scheme.
- Given the nature of the exploit we need to re-evaluate the entire codebase for further vulnerabilities. We will also take this opportunity to further improve the code.
- Once satisfied with the evaluation, we will finalise the audit with CertiK, and only then redeploy our contracts.
- We can’t as yet give you a definitive timeframe, but currently estimate 2–3 months for us to complete these tasks including the Audit.
This includes a complete redesign of the DAPP & the implementation of new, essential features to improve the platform.
This was posted in our chats but some of you may have missed it. More updates coming soon:
https://crosswise.medium.com/post-exploit-update-2a24c3370466
Key Points:
- Same Value of LP Tokens stored, Same Price of CRSS, same monetary value in Pools. This will lead to no financial loss for any investor involved and also we will have the exact same status of the DAPP as before the exploit.
- We may also offer some “dip buyers” partial compensation, but we have yet to ascertain the viability of such a scheme.
- Given the nature of the exploit we need to re-evaluate the entire codebase for further vulnerabilities. We will also take this opportunity to further improve the code.
- Once satisfied with the evaluation, we will finalise the audit with CertiK, and only then redeploy our contracts.
- We can’t as yet give you a definitive timeframe, but currently estimate 2–3 months for us to complete these tasks including the Audit.
This includes a complete redesign of the DAPP & the implementation of new, essential features to improve the platform.
Key Extract from Announcement:
So going forward we will make sure that the snapshot / redeployment coins:
- Same Value of LP Tokens stored, Same Price of CRSS, Same Amounts in Pools. This will lead to no financial loss for any investor involved and also we will have the exact same status of the DAPP as before the exploit.
- We may also offer some “dip buyers” partial compensation, but we have yet to ascertain the viability of such a scheme.
- Given the nature of the exploit we need to re-evaluate the entire codebase for further vulnerabilities. We will also take this opportunity to further improve the code.
- Once satisfied with the evaluation, we will finalise the audit with CertiK, and only then redeploy our contracts.
- We can’t as yet give you a definitive timeframe, but currently estimate 2–3 months for us to complete these tasks including the Audit.
This includes a complete redesign of the DAPP & the implementation of new, essential features to improve the platform.
So going forward we will make sure that the snapshot / redeployment coins:
- Same Value of LP Tokens stored, Same Price of CRSS, Same Amounts in Pools. This will lead to no financial loss for any investor involved and also we will have the exact same status of the DAPP as before the exploit.
- We may also offer some “dip buyers” partial compensation, but we have yet to ascertain the viability of such a scheme.
- Given the nature of the exploit we need to re-evaluate the entire codebase for further vulnerabilities. We will also take this opportunity to further improve the code.
- Once satisfied with the evaluation, we will finalise the audit with CertiK, and only then redeploy our contracts.
- We can’t as yet give you a definitive timeframe, but currently estimate 2–3 months for us to complete these tasks including the Audit.
This includes a complete redesign of the DAPP & the implementation of new, essential features to improve the platform.
COMMUNITY AMA 26TH JAN 11AM UTC
Dear Community, please join us for our first community voice AMA since the exploit. We would like to take this opportunity to reassure everyone, as well as address your questions and share some updates.
Please do keep in mind that a lot of details remain to be defined. Please understand that we need to check the viability of every single thing that we promise. So until that is done, please understand if we cannot commit ourselves to any particular course of action at this stage.
To address as many questions as possible, we would kindly ask you to respond to this announcement with your question. We will try to address as many of them as possible during the AMA and make an audio recording available for those can’t make it to the live event. Please be mindful and ensure your question has not already been addressed.
Dear Community, please join us for our first community voice AMA since the exploit. We would like to take this opportunity to reassure everyone, as well as address your questions and share some updates.
Please do keep in mind that a lot of details remain to be defined. Please understand that we need to check the viability of every single thing that we promise. So until that is done, please understand if we cannot commit ourselves to any particular course of action at this stage.
To address as many questions as possible, we would kindly ask you to respond to this announcement with your question. We will try to address as many of them as possible during the AMA and make an audio recording available for those can’t make it to the live event. Please be mindful and ensure your question has not already been addressed.
Crosswise Community AMA 26th Jan: Recap
For those that missed the live AMA and would like to read a summary, please find it here:
https://crosswise.medium.com/community-voice-ama-26th-jan-recap-112fa8604bd2
For those that missed the live AMA and would like to read a summary, please find it here:
https://crosswise.medium.com/community-voice-ama-26th-jan-recap-112fa8604bd2
Medium
Community Voice AMA 26th Jan: Recap
An abbreviated non-verbatim summary of the Community Voice AMA held in our Telegram on 26th Jan 2022.
Crosswise Relaunch Development Update #1
Dear Community please read our latest update here:
https://crosswise.medium.com/relaunch-development-update-1-23bda639d329
Dear Community please read our latest update here:
https://crosswise.medium.com/relaunch-development-update-1-23bda639d329
Medium
Relaunch Development Update #1
Dear Community, We know everyone is eager to know what we have been working on behind the scenes. Below is quick summary of the most…
Crosswise | Announcements pinned «https://twitter.com/fredericbeeg/status/1511184907112005635»
Forwarded from Greg (never DMs first)
Dear Community,
As most of you will know there was a heated debate last week about the proposed compensation scheme. This debate was largely about whether compensation should seek to re-instate value of holdings or the actual token amounts.
We feel there are good arguments on both sides, and given the strength of the opinions voiced, we felt it best to put this to a community vote. So please take part in what is probably the most important vote to date.
The timeframe and other modalities of these two options would largely be similar, and so the substantial matter to decide is whether you would rather receive:
1:1 Token Compensation
If you had 200 CRSS or CRSS-related LP at time of exploit you will receive 200 CRSS tokens back. LP token value is assessed using price at time of exploit.
OR
Monetary Value
If you had 200 BUSD worth of CRSS or CRSS-related LP at time of exploit you will receive 200 BUSD value back paid in CRSS. LP token value is assessed using price at time of exploit.
This vote will close 1pm UTC this Wednesday. Thank you for your participation!
As most of you will know there was a heated debate last week about the proposed compensation scheme. This debate was largely about whether compensation should seek to re-instate value of holdings or the actual token amounts.
We feel there are good arguments on both sides, and given the strength of the opinions voiced, we felt it best to put this to a community vote. So please take part in what is probably the most important vote to date.
The timeframe and other modalities of these two options would largely be similar, and so the substantial matter to decide is whether you would rather receive:
1:1 Token Compensation
If you had 200 CRSS or CRSS-related LP at time of exploit you will receive 200 CRSS tokens back. LP token value is assessed using price at time of exploit.
OR
Monetary Value
If you had 200 BUSD worth of CRSS or CRSS-related LP at time of exploit you will receive 200 BUSD value back paid in CRSS. LP token value is assessed using price at time of exploit.
This vote will close 1pm UTC this Wednesday. Thank you for your participation!
Forwarded from Greg (never DMs first)
Which form of compensation do you prefer to receive?
Final Results
65%
1:1 Token Amount
35%
Re-instate Monetary Value
Dear Community,
The voting has ended and the vote was 65% in favor of 1:1 Restitution with 552 votes. We will now go ahead on that basis and will update you as soon as everything is better defined.
We hope that this vote indeed reflects the community's will, and that it will translate into a solid CRSS holder base.
Thanks to all who participated!
The voting has ended and the vote was 65% in favor of 1:1 Restitution with 552 votes. We will now go ahead on that basis and will update you as soon as everything is better defined.
We hope that this vote indeed reflects the community's will, and that it will translate into a solid CRSS holder base.
Thanks to all who participated!
Hi everyone,
Crosswise is offering its users that have lost their $CRSS Tokens due to wallet hacks the option to regain their un-vested Tokens from the Pre-Sale.
Following conditions apply:
1. Your wallet got hacked and you still got CRSS Tokens in your wallet or un-vested in Pre-Sale contracts.
2. You are able to verify your identity. We will confirm your email address you have used during our Pre-Sale Whitelisting and your personal data.
3. We will compensate 50% of the amount that is still left un-vested. The other 50% is going towards the Crosswise Marketing Wallet to boost the ecosystem.
To apply for a refund please fill out the following form:
https://form.typeform.com/to/qohcitNh
_
Deadline: 11th May 1PM UTC.
All requests for compensation after the deadline will not be accepted.
Crosswise is offering its users that have lost their $CRSS Tokens due to wallet hacks the option to regain their un-vested Tokens from the Pre-Sale.
Following conditions apply:
1. Your wallet got hacked and you still got CRSS Tokens in your wallet or un-vested in Pre-Sale contracts.
2. You are able to verify your identity. We will confirm your email address you have used during our Pre-Sale Whitelisting and your personal data.
3. We will compensate 50% of the amount that is still left un-vested. The other 50% is going towards the Crosswise Marketing Wallet to boost the ecosystem.
To apply for a refund please fill out the following form:
https://form.typeform.com/to/qohcitNh
_
Deadline: 11th May 1PM UTC.
All requests for compensation after the deadline will not be accepted.
Typeform
Crosswise.Finance Hacked Wallet Compensation
Crosswise offers its users to regain their stolen CRSS assets from Pre-Sale contracts that haven't been yet vested.
Dear Community,
We would like to announce that we received the initial audit report from Techrate yesterday!
We’re happy to share that the audit only highlighted 2 issues to resolve. We expect to be able to resolve these issues within approximately 5 days. It will then take Techrate another 4-5 days to do a final report, which we will share with the community. The relaunch will be scheduled as soon as possible after that. We expect a launch to be feasible early June.
Once again, we thank everyone who has been waiting patiently for their support.
Team Crosswise
We would like to announce that we received the initial audit report from Techrate yesterday!
We’re happy to share that the audit only highlighted 2 issues to resolve. We expect to be able to resolve these issues within approximately 5 days. It will then take Techrate another 4-5 days to do a final report, which we will share with the community. The relaunch will be scheduled as soon as possible after that. We expect a launch to be feasible early June.
Once again, we thank everyone who has been waiting patiently for their support.
Team Crosswise