DAO Maker hack victims still await reimbursement 3 years later
Investors say they lost thousands of dollars from the 2021 hack and never received a portion of the funds they were promised as compensation.
The DAO Maker crypto fundraising platform, not to be confused with the MakerDAO stablecoin protocol, is attempting to raise hundreds of thousands of dollars to fund new Web3 projects in 2024. However, victims of its August 2021 hack say the project never reimbursed them for the losses they suffered in the attack, even though its development team promised to make all victims whole again.
Victims also claim that DAO Maker is liable for these losses, as the hack was allegedly the result of a private key compromise suffered due to its developers’ negligence.
DAO Maker was first exploited in August 2021, when approximately $7 million of users’ funds were stolen. The development team later acknowledged that the exploit had occurred because of a private key hack. At the time, it agreed to partially compensate investors with an immediate airdrop of 500 USD Coin (USDC) per person. The remaining compensation was to be paid through an IOU token called “USDR.” This token would become redeemable for the protocol’s native coin, DAO, at prevailing prices within one year.
However, victims of the hack told Cointelegraph that USDR redemptions were never allowed and that they still have not been compensated for their remaining losses. In addition, decentralized finance (DeFi) researcher SOMA Analytics has claimed that DAO Maker forced through a proposal with its governing body to cancel the reimbursement plan, using its large token supply to ensure the vote’s outcome. According to the researcher, the proposal was deleted after its passage, allegedly as part of an attempt by the team to remove evidence of its failure to reimburse victims.
DAO Maker, based in Prague, is completely separate from and has no relation to the similarly named MakerDAO stablecoin protocol.
DAO Maker gets hacked and offers compensation
DAO Maker is a fundraising platform for technology startups, with a particular focus on raising money for Web3 protocols governed by decentralized autonomous organizations (DAOs). According to its official website, the protocol signed on “more than 75,000 retail users interested in early-stage ventures” in 2020 and has “200,000+ KYC’ed users.”
As per CoinMarketCap’s description of DAO Maker, the project offers several different systems for investors to participate in new token offerings. One is called a “Strong Holder Offering (SHO),” wherein investors purchase DAO tokens and use them to allocate “DAO Power” to a particular coin offering. The more DAO Power they allocate, the more likely they are to win a participation slot for a particular offering.
If they win a slot, “their allocation will be automatically funded by their USD Coin (USDC) balance” and the investor will be allowed to use these funds to purchase coins in the offering, CoinMarketCap states. The description cites official DAO Maker documents that have since gone offline.
Related: What is a crypto launchpad, and how does it work?
In the 2021 hack, the SHO contract holding these USDC funds was exploited, and $7 million was stolen. In a Medium post on Aug. 12, 2021, the DAO Maker team acknowledged that the hack was caused by “malicious use of one of our wallets with access to admin privileges.”
On Aug. 17, in a separate Medium post, the team announced a plan to compensate investors. The announcement was also shared on the team’s official Telegram channel. The team claimed it would airdrop 500 USDC immediately to each investor impacted by the hack. On Sept. 8, 2021, the remaining losses would be covered through an “IOU token” called USDR. One year later, on Aug. 8, 2022, each USDR token would be redeemable for $1 at a 1:1 ratio plus 10% interest denominated in DAO tokens. “Each USDR token is equal to 1.1 worth of DAO, 1 year after it is airdropped,” the announcement stated.
As an example of how the redemption process would work, the plan considered a user who had lost $1,000 in the hack. This person would “receive 500 USDR tokens on September 8, 2021. […] After 1 year, they can be redeemed for $550 worth of DAO tokens,” DAO Maker stated.
Both Medium posts were later deleted, but archived versions are still available on the Wayback Machine.
Victims claim USDR redemptions were never allowed
DAO Maker investors told Cointelegraph that the project’s promise to redeem each USDR for $1.10 was never honored by the DAO Maker decentralized autonomous organization nor by its development team.
One investor Cointelegraph spoke with, who used the username “Red Drac” on Telegram and spoke on the condition that their real name not be revealed, claimed they lost $2,000 from the hack. They said they deposited $2,000 in stablecoins to a “pre-deposit” contract. But when the August 2021 hack occurred, this contract was drained, and they lost all of it. Red Drac stated that after the compensation plan was announced, they received 500 USDT (USDT) — and that they also received 1,500 USDR at a later date. However, the USDR was never allowed to be redeemed for DAO as promised.
According to Red Drac, they eventually discovered that a liquidity pool for USDR existed and that they could sell into this pool to cash out early. However, the tokens “were not in a 1:1 ratio to USDT.” Instead, the tokens were being sold at “something like 80%” of their par value. As a result, Red Drac did not sell their USDR into the pool, and these tokens are still sitting in their wallet today.
He claimed that this USDR is nearly worthless now, as there is presently no way to exchange it for other cryptocurrencies. The previously existing liquidity pool was later shut down, leaving holders with no means to cash out. Red Drac acknowledged that they can use the tokens to gain DAO Power within the DAO Maker platform, but they claimed that the tokens “are not that much value because those allocations [don’t] guarantee me that I will actually earn something.”
Telegram user Zztelecom told a similar story, claiming they received 500 USDR as compensation for their loss from the hack. Months later, the token began trading for $0.60 to $0.80 per coin. With such a high discount, they decided to buy roughly 10,000 coins, which they expected to be able to redeem for $10,000 worth of DAO once the tokens became redeemable.
But the tokens never became redeemable and are now worthless on the secondary market.
“The DAO Maker team decided to fool everyone,” Zztelecom said. “Trading stopped. […] In the end, they said that each USDR = 1 DAO Power and we can participate in sales with their help, but we cannot send them to other wallets because DAO Power will be lost.”
Related: DeFi protocol Unizen to provide ‘immediate reimbursement’ after $2.1M hack
Claims of a DAO Maker cover-up
In addition to these claims from victims, DeFi researcher SOMA Analytics claimed to have evidence that the team tried to cover up its abandonment of the USDR redemption process. The researcher published the work via a Notion workspace and is unaffiliated with the nutritional supplement blog of the same name.
According to SOMA, the DAO Maker team created a proposal to abandon the redemption process for USDR. This proposal was allegedly passed by DAO Maker — but was then deleted from its Snapshot webpage. They claimed that the DAO Maker team likely used its own tokens to outvote the majority of tokenholders, ensuring the vote would turn out the way it wanted. It allegedly distributed tokens to new wallets in an attempt to obfuscate its role in the proposal’s passage.
“Between October 3rd and October 5th, [2022], a unique USDR proposal surfaced on DAO Maker’s official Discord from some user named @Dante.eth,” the researcher stated. SOMA claimed that this proposal has since been deleted but was copied by other community members.
According to this copied version, the mysterious user Dante.eth argued that redeeming USDR would have “a massive impact on the price of $DAO for everyone and the token price might never recover.” Purportedly for this reason, the user called for a vote that offered three options for the redemption process. The original proposal to redeem USDR for DAO at a 1:1 rate was not one of the options listed.
Option 1 was for the decentralized autonomous organization to algorithmically sell DAO tokens and airdrop USDC to holders of USDR at a 1:1 rate. This would have allowed holders to be fully compensated, but with stablecoins instead of DAO tokens. Option 2 was to distribute DAO tokens from a Venture Yield partnership to USDR holders once a year. Option 3 was to redeem USDR at only 50% of its par value.
The option to redeem at 50% of par value (Option 3) passed, with 61.72% of tokens being used to vote in favor of it. However, the researcher claimed these 61.72% of votes were cast by only six wallet accounts. The majority of accounts voted for Option 1, but these small holders reportedly did not possess enough tokens to outvote the six whales that voted for the 50% haircut.
The hack victims acknowledged that the USDR token allows them to obtain DAO Power, which gives them a greater chance of participating in token offerings they are interested in.
Yet despite the DAO vote for a 50% redemption, SOMA Analytics claimed that even this compensation was never distributed by the team. “From what I recall, there was never any claim portal, and people got simply nothing,” they stated in a message. Instead, according to their report, the team allegedly decided to make USDR unredeemable and allow holders to gain DAO power with it instead. The DAO Power that can be gained from the tokens is not transferable, making the token essentially worthless in the secondary market today.
According to SOMA Analytics, the six wallets that voted for the 50% haircut “were created just 10 days before the voting, received substantial amounts of DAO within the same two days (with funds possibly obfuscated through a CEX), and voted exclusively for Option 3.” In their view, this provided a strong indication that the wallets were created by some person or group that was holding a large percentage of the DAO token’s total supply, such as the protocol’s development team. It also indicated that whoever voted for the proposal did not want their identity to be known, as they went through the trouble of creating new wallets solely to participate in the vote.
Cointelegraph could not independently confirm which wallets voted for the proposal, when they were created, or how they were funded, as the proposal has been deleted.
Cointelegraph contacted the DAO Maker team for comment but did not receive a response by the time of publication.
DAO Maker continues to provide fundraising services to Web3 startups. According to CoinMarketCap, the DAO token has a market cap of $153 million, making it among the top 400 cryptocurrencies.
Related: DAO Maker founder builds game based on abandoned Logan Paul project in just 30 days
Responses