During a well documented livestream on Oct 19, 2021, EcoFi team members, under the guidance of the Revest team, locked a total of 7 million ECO tokens from the EcoFi team address into a Revest FNFT. The locked ECO was to be released either after 18 months, or in 1 million token tranches based on the token price, in increments of 50 dollars until all ECO tokens were released.
On March 27th, 2022, at 1:41 AM UTC, Revest Protocol suffered an exploit, resulting in the theft of all 7 million locked ECO tokens. The thief in turn dumped the stolen tokens on the market, resulting in an immediate negative price impact for the ECO token market.
A full post-mortem on the hack published by Revest revealed the specific nature of how it is believed the Revest code was exploited. The hacker created a custom contract that sent multiple calls to the Revest contract, enabling them to generate FNFTs designed to steal the targeted tokens and bypass any established waiting periods.
In the announcement Revest states that although their code was audited by Solidity.Finance, they did not secure any DeFi insurance, and thus are unable to fully financially compensate those who suffered financial losses as a result of the hack.
Although the EcoFi time is currently attempting to work towards a solution, this theft has officially exhausted the company’s capacity to offer liquidity to the ECO token market.
When we founded EcoFi it was always our intention to turn the protocol over to the community. We are exploring what immediate next steps must be taken in order to do so, and will provide an update soon.
