Home

News

https://solidproof.io/img/placeholder/blog-placeholder.png

Solidproof.io · 2023/12/05 · Read 1 min, 10 secs

Response to the private key leakage of Waygate's development company

In response to concerns raised by the Waygate team, SolidProof conducted a thorough investigation into the reported exploit related to the deployer wallet. Our technical team identified several actions within the contracts, such as approving, minting, and upgrading, which were executed by the deployer wallet, initially owned by the development company hired by Waygate. However, even after the development company transferred ownership to Waygate, the ownership of the proxy still resides with their external blockchain development company, giving them the ability to upgrade the contract, altering minting functions and ownership, as observed in this incident.

For a detailed report on our investigation, please refer to the link below:

https://github.com/solidproof/projects/blob/main/Waygate/Waygate_Statement.pdf

We emphasize the importance of choosing reputable and registered companies for development and security services. Ensure that the company you entrust with such vital services is fully legitimate. Any licenses, certificates, or awards that are not clickable and cannot be verified should be considered a red flag.

SolidProof remains committed to ensuring the security and integrity of smart contracts and will continue to collaborate with clients to address any identified vulnerabilities promptly. We appreciate Waygate's proactive approach in bringing this matter to our attention, enabling us to conduct a swift and comprehensive analysis.

Safeguarding the blockchain community is our top priority, and we encourage open communication to maintain the highest standards of security.

Sincerely,

The SolidProof Team