Kind of crazy what you can build with @Rugcheckxyz API's, its a game changer. Combine that with agents, and it really opens the options and speed to market for new builders.
Wouldn't be surprised to see a ton of @colosseum entrants using these and the new dexstream/data API's to get a big head start.
Rugcheck now offers multiple APIs with fresh reports, no caching delays, and websocket support for real-time token risk data on Solana!
Sign up for a free plan on @FluxRPC, then unlock access to all Rugcheck APIs.
Check it out: https://t.co/iS51RRO3ab
Full API docs: https://t.co/AJo4MIJTp4
Passing an audit doesn’t mean your funds are safe.
Audits check the code. Humans control the protocol.
And humans? They’re the easiest target. Social engineering, bribes, hacks on founders, and it keeps happening.
The biggest risk isn’t the smart contracts anymore. Its humans.
People get compromised. History proves it over and over.
Stay vigilant.
Looks like somehow they manage to update the admin key in the root state, effectively locking Drift out of their own admin functions so they couldnt freeze the contract
Events:
* Updated admin state on core program account
* Created a new market (CVT)
* Increased withdraw guards
* Began draining all pools
* Swapped & bridged out
The interesting thing about this all is the admin update was triggered via squads
Looks like it was internal compromise as 2 signers approved the UpdateAdmin call which caused all this
https://t.co/sQLaebsZMl
Yup looks exploited... RIP
Seems they deposited some absolute garbage into a vault then borrowed against it (CVT - Ai16z-Perps)
Instead of showing off mclarens at BP they should of put that money towards some more security audits.
If your dApp routes trades… you should also route risk signals.
Get the Rugcheck API, the silent protection layer for on-chain traders.
DM for inquiries.