$1.7M lost by base asset tokenization protocol due to leakage of private key

Grand Base (GB), a protocol for tokenizing real-world assets on Coinbase’s layer-2 blockchain, has experienced losses of $1.7 million due to a compromise of its private key. An administrator in the protocol’s Telegram chat notified the community of the exploit and urged them to avoid interacting with the contract. PeckShield, a blockchain analytics firm, reported that the theft resulted in $1.7 million worth of tokens being taken from Grand Base’s liquidity pools and exchanged for Ether (ETH), which was sent to an external address. As a result of the incident, the protocol’s native token saw a 99% decrease in value within 24 hours. The Grand Base administrator emphasized that the token contract was no longer safe and advised users not to swap or engage with it. The hacker gained control of the Grand Base deployer contracts and minted an excessive number of GB tokens without permission before withdrawing them. The Grand Base team claimed to have tracked the hacker’s wallets and were in discussions with exchanges to freeze any funds being moved. Users expressed disappointment and cautioned others against depositing any more money into the protocol. Some users speculated that there were hidden loopholes in the contract, questioning whether the developer intentionally left them or not. Prior to the attack, the maximum cap for GB tokens was 50 million. Grand Base, which allowed users to deposit collateral and mint ERC-20 tokens representing real-world assets, launched less than five months ago. It aimed to provide liquidity and rewards for tokenized assets.