Decentralized Exchange Swaprum, which was recently audited by CertiK, is reported to have disappeared with nearly $3 million in customer funds. Now a section of crypto users is blaming the auditing firm for approving a rug pull.
Rug pulls occur when developers launch projects that seem legitimate in the beginning, but after some time, they disappear with investors’ money. Many decentralized finance platforms that aim to automate services offered by brokerages and banks are getting hit hard by rug pulls and hacks because the space is relatively new.
Security company PeckShield tweeted on Saturday that Swaprum developers converted the exchange’s native token SAPR to 1,630 ETH and then transferred them to coin mixer Tornado Cash in an effort to obscure the funds’ movements.
The Arbitrum-based decentralized exchange has deactivated its social media accounts, but the protocol is still active.
CertiK Audit on Swaprum
At the start of this month, auditor CertiK conducted an audit on Swaprum and reported that it had not found any critical risks. The firm, however, noted that the platform was too centralized, giving developers access to investor funds.
Nonetheless, the crypto community on Twitter criticized Certik for allegedly providing a misleading audit report following the rug pull. Mikko Ohtamaa came to the auditor’s rescue by tweeting that CertiK has the right to choose the companies it wants to do business with.
Meanwhile, CertiK has defended itself by arguing that it had recommended several changes to the Swaprum team, although there was no guarantee they would implement them since the auditor cannot force its clients to do so.
The auditing company has also provided a possible scenario that may have led to Swaprum’s exploit. It claims that the developers might have replaced some code in the audited smart contract with a malicious one to execute the rug pull.
Another Project Audited by CertiK Rugs
A few weeks ago, another decentralized exchange, Merlin, which was also audited by CertiK, made away with $1.8 million in investor funds. The auditor blamed rogue developers for the exploit. In a Twitter thread, Merlin also called out some members of its Back-End team for draining the exchange’s smart contracts.
SureTradeGroup.com is not responsible for the content, accuracy, quality, advertising, products or any other content posted on the site. Some of the content on this site is paid content that is not written or posted by our writers or editors and the opinions expressed do not reflect the opinions of this website. Any disagreement you may have with brands or companies mentioned in articles will need to be taken care of directly with those specific brands and companies. The responsibility of anyone who may click links in our articles and ultimately sign up for that product or service is their own. Forex, Stocks, Cryptocurrencies, NFTs and Dogital Tokens are all a high-risk asset, investing in them can lead to losses. Readers should do their own research before taking any action.