Dealing with cryptocurrencies can be a lucrative business. In some cases, it can also lead to major financial losses. One firm in Australia has lost $6.6 million due to a deal gone awry involving Soarcoin. It seems this particular cryptocurrency was backdoored by the developers.
The Soarcoin Deal Is a Bust
Byte Power Party Ltd. and Soar Labs had engaged in a business relationship. On paper, that makes a lot of sense, but the reality is very different. A total of $6.6 million worth of Soarcoin – the native currency of Soar Labs – was stolen from Byte Power Party Ltd. along the way. While both companies settled their issues outside of court, the heist still raises a lot of questions. It seems Soarcoin itself was a Trojan Horse of some sorts.
Soar Labs issued their own token a while ago. Residing on the Ethereum blockchain, Soarcoin has attracted a bit of attention from all over the world. Additionally, Soar Labs announced they would gain a minority stake in Byte Power Party Ltd. for a total of $5 million. In return, the other firm was to set up a cryptocurrency exchange in Australia. As such, the transaction was concluded in Soarcoin, which may have been a terrible decision. Only $100,000 of the total transaction value was paid in cash by Soar Labs.
The situation became unhinged in early 2018. Byte Power Group told the Australian Securities Exchange (ASX) the Soarcoins held by its subsidiary had been suspended. Soar Labs had accused the Byte Power Group of not selling the cryptocurrency at “manageable levels” and using it to pay off debts. Soar Labs wrote in a letter:
In the interest of market protection of SOAR, any and all SOAR token holders and overall integrity of SOAR, this constitutes reckless and negligent actions … and constitutes breach of agreement.
Devil in the Details
The Soar Labs team decided to withdraw the coins held by Byte Power Group, made possible thanks to a backdoor. More specifically, the token’s code has seemingly been identified as malicious. The smart contract used for this token allowed the developers to remove the coins without repercussion. In fact, Soar Labs could remove Soarcoins from any wallet that contains them via this backdoor.
A very worrisome development which only further highlights the need for independent smart contract audits. Soar Labs claims there is no backdoor, yet they did revoke the coins regardless. They claim the code is in plain sight. Whether or not that was the right move remains up for debate.
As stated above, the two companies came to an agreement. Soar Labs will pay $1.7 million and 5 million Soarcoins to Byte Power Group. In addition, they will also give up their 49 percent ownership of Byte Power Party and hand it over to Byte Power Group. Law enforcement had been treating the case as a criminal investigation, but there’s been no word on whether the investigation will continue now that the lawsuit over the withdrawn cryptocurrency has been settled.
What do you think about the coins being withdrawn through a trapdoor? Let us know in the comments below.
Images courtesy of Shutterstock and Soar Labs.