Statement on the Kannagi Finance Incident

Kannagi Finance is a yield aggregator protocol that contacted us on 5 June 2023 to audit their token contract. We completed the audit on 06 June, showing that it is a standard ERC20 without ownership privileges. A link to our audit report can be found here:
https://github.com/solidproof/projects/blob/main/2023/KToken/SmartContract_Audit_Solidproof_KannagiFinance.pdf

The token that we audited can be found here and is verified:
https://explorer.zksync.io/address/0x26aC1D9945f65392B8E4E6b895969b5c01A7B414#contract

Important info: The team did NOT perform a KYC with us.

SourceHat, formerly SolidityFinance, audited the Vault Contract. The GitHub repository was deleted, and the code was not verified on zkSync. A link to the audit can be found here:
https://sourcehat.com/audits/KannagiFinance/

The vault that was audited by SourceHat is located here and is not verified:
https://explorer.zksync.io/address/0x6E415ba5a37761256D13E84B45f4822c179DEF47#contract

We are currently assisting Kyber Network with the investigation of the incident. We have already determined that the fraudster is most likely a person in the Chinese region. We will continue to track the wallets and take further steps. At this stage, we suspect the damage amounts to approximately USD 2.4M.

If you have any concerns or questions, don't hesitate to contact us via our channels!

Sincere regards,
Your SolidProof.io team