Original author: Eric, Foresight News

Last night (Beijing time), Binance Alpha launched an airdrop of GAIN, the token of the Web 3 AI project GriffinAI, to users with a GAIN score of 210 or higher. However, just 12 hours after the airdrop ended, GriffinAI was hacked, with 5 billion GAIN tokens maliciously issued. This caused the price of GAIN to plummet from a high of approximately $0.163 to approximately $0.003 within an hour, nearly reaching zero. As of this writing, the price of GAIN has rebounded to around $0.026.

Around 9:30 AM, the hacker began trading the newly issued GAIN for BNB, then cross-chain trading to Ethereum, and began transferring the stolen funds to Tornado Cash. After an investigation, GriffinAI founder Oliver Feldmeier tweeted that the hacker launched the attack by introducing an unauthorized LayerZero peer and deploying a fake Ethereum contract (token TTTTT, address 0x7a8caf). This contract was added as a LayerZero peer for GAIN on Ethereum, bypassing the official contract. The hacker then used the fake Ethereum tokens through a LayerZero cross-chain transaction to issue additional GAIN tokens on the BNB Chain.

As of the time of writing, GriffinAI has removed the official liquidity added to BNB Chain and required the listed GAIN transactions to suspend GAIN deposits, transactions, and withdrawals on BNB Chain.

GriffinAI, which was attacked this time, is one of the few "representative works" of European Web 3 projects.

GriffinAI was founded in Switzerland. Its founder, Oliver Feldmeier, was previously the co-founder of SMART VALOR, which launched the first fully regulated digital asset exchange in Switzerland and Liechtenstein in 2019 and became the first European digital asset exchange to be listed on Nasdaq Nordic Market. GriffinAI's Chief Business Development Officer, Colin Fitzpatrick, was previously the head of Oracle's multi-cloud ecosystem. Its blockchain engineer, Roman, previously worked at Binance and Trust Wallet.

GriffinAI aims to build a technical framework that facilitates the on-chain integration of large language models and AI agents. By providing convenient access to centralized and decentralized AI services, it simplifies the development, deployment, and monetization of AI agents. GriffinAI's architecture consists of three core components: a decentralized AI network, an identity management and reputation system, and an AI agent framework.

• Decentralized AI Network: GriffinAI introduces a decentralized network of independent AI model and service providers. These providers offer managed LLMs, AI models, datasets, APIs, and other services. Service providers can be companies, projects, DAOs, or individuals. Each provider acts as a node operator, running the GriffinAI protocol software. Users can access these AI services through cryptographic primitives and APIs.
• Identity Management and Reputation System: GriffinAI has launched a decentralized identity registry and a distributed reputation system. The identity registry allows network participants to register their identities and public keys for authentication and message verification. The reputation system is used to record and evaluate the performance of node operators (service providers, client providers) and AI agents.
• AI Agent Framework: This framework provides developers with the tools and resources necessary to develop and deploy AI agents in the blockchain space. It includes the protocols and tool libraries necessary for agents to interact with blockchain functionality. It creates an environment in which AI agents can autonomously perform tasks and achieve their goals.

GriffinAI has currently launched a large number of AI-related products, including the open source AI Agent LLaMA Agent, AI Image Generator, DeFi AI Agnet TEA, and AI Agent Alpha Hunter that assists users in researching newly launched tokens.

Hackers begin targeting token issuance authority

Previously, a private key leak in the multi-sig wallet of the UXLINK team, a Web 3 social platform and infrastructure provider, led to a massive over-issuance of tokens, forcing them to issue new tokens to replace the old ones. Apparently, as DeFi protocol contract code matures, hackers are targeting token issuance permissions. Previously, the UXLINK project's multi-sig wallet was compromised, and now, attempts have been made to convince LayerZero peers on the BNB Chain to trust the legitimacy of fake Ethereum tokens in order to issue additional tokens across chains.

While a DeFi fund pool heist offers a chance for gradual recovery, the damage to a project from additional token issuance or a change in token issuance authority is almost permanent. Two malicious incidents this month serve as a wake-up call for project developers: while focusing on the security of project contracts, they must also consider the security of team control and token contracts. This is especially true for tokens that support cross-chain transactions, requiring extreme caution in the design of contract logic.