Referendum #1322: Rebond DOT from Parallel Fi accounts - Description below
Goal of the Proposal:
- To rebond all balances related to the attack.
- The approach does not impact the sovereignty of the funds but delays availability of funds
- It allows the Parallel team to win time and explore alternatives to regaining control of their parachain governance.
Context:
An account took control over Parallel Fi governance, upgraded the parachain's runtime and used it to transfer out over DOT and USDT. The account executed a malicious runtime upgrade, introducing a custom "sudo" pallet, granting themselves administrative privileges on the parachain. Through the proxy account, they successfully transferred DOT from three of the parachain’s DOT staking ledger accounts to their account. To obfuscate the trail, the account moved assets across parachains: including from AssetHub USDT to Moonbeam (most channels between parachains have been closed by now). The account is still actively unstaking staked DOT through an added proxy.
To fix this a root proposal is needed: however given the time calculated until unstaking ends, might make a root proposal unsuccessful. This whitelisted proposal aims to issue a simple rebond call to restake the DOT to buy additional 28 days of time for Parallel: providing time for the team to look into options to regain control of its parachain governance. The addresses in which DOT is to be rebonded are:
14quGMw2tot6JxY2wSyk1Vc1uns3EmMRs2eQS2C66Mdv6uE9 (22.649 DOT) 19cnUyebu52RUt4Rt67brDmmnVdaDD37xdxKbaJ7tuLnLfu (74.614 DOT) 16kTs7tsJ6tYYWAXSWDmm4vYnRTFPWEhXTk4rNCtbw6NRvte (1.566 DOT) 16ZbwPMyrp9yTbPScDqm9btzcNVKKQ5MHcMQp4rA1ztF4sBA (101.322 DOT) 1dMif8G4jrXsdPSkvF87uBfaiahh2EvC9fPnsi91v4i1xKC (3.413 DOT)
These addresses hold Parallel Fi funds.
Call data: here.
Preimage hash: here.
This proposal, given its root need, has been submitted via Whitelisted Caller Track. A proposal to whitelist the submission is up for vote on Technical Fellowship as well. Please note that relay chain is not affected by this event but we aim to assist the Parallel parachain community in taking back control of these accounts.
Please make sure to review and vote at your convenience!
Comments (10)
Proposal Passed
3
of 3Summary
0%
Aye
0%
Nay
Aye (246)0.0 PAS
Support0.0 PAS
Nay (9)0.0 PAS
Comments (10)
If the attackers of Parallel Fi governance, have the sudo key can't they just make more or unbond right away?
For transparency purposes, I am sharing a submitted proposal/discussion from the attacker: https://polkadot.subsquare.io/referenda/1326.
My request: to rebond the tokens at risk to provide for more time to analise the situation (comment here).
If the attackers of Parallel Fi governance, have the sudo key can't they just make more or unbond right away?
For transparency purposes, I am sharing a submitted proposal/discussion from the attacker: https://polkadot.subsquare.io/referenda/1326.
My request: to rebond the tokens at risk to provide for more time to analise the situation (comment here).