disclaimer

Only governance can make the formal accusation of theft and this is merely a collection of evidence in my own opinions on the evidence. Everyone should be presumed innocent until proven guilty by use of trial by governance.

Additionally, there is a German TCV team member (@fragwuerdig ) named till, who has been serving as a part of the L1TF. L1TF. His national origin is named here to aid reports to police agencies because unlike The founder of this chain, there is absolutely nothing gray about this situation, in my opinion. I must repeat, this is my opinion based on available information, not an attempted defamation or any of the sort, if TCV team members have evidence that they did not commit this attack, they should reply to it in this thread. I do not believe such evidence exists because blockchain cryptographic ledgers are extremely clear. I would urge the community to only address information that can be confirmed on one of the two chains in question, injective and LUNC.

Notional labs has zero tolerance for theft or thieves.

Summary
TCV launched terraport, a smart contract that contained deliberately placed vulnerabilities. They then blamed a third party for the vulnerabilities because they can’t code so they subcontracted the code. The trouble is, it’s impossible to only blame the subcontractor, because they created the IBC routes necessary to exfiltrate the stolen funds as well. Specifically, the stolen funds were exfiltrated over IBC to injective. TCV very recently created those channels.

TCV has been given 24 hours to permanently shut down their validator by removing 100% of self-bounded stake. This will not harm delegators.

Motivation
Justice

Proposal

• Tombstone the TCV validator in a software upgrade
• Slash Every wallet connected to the attack by draining balances to zero into the community pool
• Declare that LUNC governance will not tolerate thieves and that TCV are thieves

Uhhhh what the hell is this on governance? Is this some kinda scam?

People are are voting on this without even asking us.

This is ALSO IBC and this is ALSO Injective.

My God, it is my request to the community and to validators. Please be a little bit more intelligent and cautious.

… unless they themselves are involved in this.

He just saved our entire Community and Oracle Pool. You have no idea. I am serious. I just alerted everyone.

If the proposal passes, instantly our CP and OP will become 0.

Please elaborate. .

I hope thats the case aru.

While I do agree that TcV has been acting very suspiciously and the evidence points to gross negligence. The external contractor that TcV alludes to either had access to all parts of the code, including all the wallets, including keys to the validator or it was more of a…concentrated plan.

Seeing as the Lp drain happened 2 days before IBC proposal was put up - the so called contractor must have been one very trusted guy, having access to TcV wallet.

Yet, as it stands - innocent until proven guilty.

That’s a ridiculous statement.

The proposal doesn’t have a spend on it so no CP funds will be touched.
You can’t access OP.

Validators would need to deploy the tendermint upgrade and restart terrad. @faddat can correct me if its somehow automated deployment.

IBC client opening is suspected to be part of the TcV thiefs plan, so the Terraport thievery funds can be carried out to the big blue yonder.

Nodes againts (but support another, 11462 scam). Calm down.

And always be careful, read.

you have serious problems. You really can be anything but a programmer. what is your purpose? you have no job and you go and find this conspiracy theory? Are you an intelligence agent?

• I was not part of the Terraport development team in any shape or form
• I emphasize that I did not contribute any code or technical assistance to any part of the Terraport project whatsoever
• I did not provide any kind of help/assistance for people to participate in any of the Terraport presales
• Yes I was part of the TCV Discord Server moderator group
• I received no form of compensation for being in that position (be it crypto, fiat or goods)
• I did not receive any other form of compensation for my affiliation with TCV
• Yes, I publicly talked about the Terraport project going out from the facts that I had in front of me at that given time (which was the Terraport Whitepaper)
• But again received no kind of compensation for this whatsoever
• I never provided any kind of financial advice to anyone

This seems to be another desperate attempt for Jacob to try bring down the community, it will not happen, we stand united and will expel these bad actors !

No no he is right this time. 100% sure. TCV is not right for the chain. They need to be removed. They uploaded the sc(am prop also to siphon money from us.

First of all, I dunno what you are dissing him for. Have you seen his GitHub? While you guys were saying he’s gone crazy, he has been committing to Git just btw.

I dunno whether this looks like a crazy person to you, but it sure does not to me.

I did see his Twitter but I can see his Git also.

So I am slightly confused about the person you guys are describing him as, and the person he seems from his Git commits.

Jacob,

As explained and relayed on Twitter (/luna_lover69/status/1646849381683941380) – which I believe you saw, since you liked the tweet, TCV had nothing to do with this IBC client proposal.

It was submitted by Achilleas from Injective – please feel free to confirm with him directly.

Lack of communication and some oversight on my part I should say, but again, this is not TCV’s doing and there is not point blaming them for this particular matter.

Gut_Daddy will need to see more evidence to decide on this matter

Please ask Achilleas from Injective to create a new post on this Agora forum with a link to the compiled binary.

We wanna check it once before it goes live.

We already have many people checking the Terraport contracts currently. They would not mind checking this one as well. I will request them personally to check it if needed.

From the proposal, it is clear that what is written in the description is not the same tendermint client number as the one which is being updated.

You can check it yourself.

There is definitely a mistake here and we wanna reconfirm whether this has been uploaded by the same person and whether this is the same contract that is supposed to be updated.

Otherwise this cannot be passed since this could potentially lead to exploits on the chain that we may not have control over.

Post a proof or stfu

You on the crack pipe again ? Wish you would keep your nose out of lunc

Toxic clown, go play with crack.
This world is not for you.

TCV I’m with you

Terraport was developed by your validator team, TCV. Use of a subcontractor doesn’t change this in any way. TCV is grossly negligent.

You contributed your identity and brand, you endorsed terraport, much more than tacitly.

TCV’s twitter says that you did. Have reciepts. You didn’t object to their tweet when they made it.

and TCV said people could contact you for presales.

So?

You don’t own a stake in the validator commissions, not even forward looking? Why are you even affiliated with TCV if this is true?

And you’re a programmer and your name was on the project and you did not even bother to glance at the code.

So?

So?

Thanks for replying. All on chain evidence points directly at your validator team. Nonetheless I think it was the subcontractor.

Because slow mode is enabled, I cannot edit my original post. Here’s how I would edit it.

---

disclaimer

Only governance can make the formal accusation of theft and this is merely a collection of evidence in my own opinions on the evidence. Everyone should be presumed innocent until proven guilty by use of trial by governance.

There is absolutely nothing gray about this situation. I must repeat, this is my opinion based on available information, not an attempted defamation or any of the sort, if TCV team members have evidence that they did not commit this attack, they should reply to it in this thread.

Notional labs has zero tolerance gross negligence leading to theft or thieves.

Summary
TCV launched terraport, a smart contract that contained deliberately placed vulnerabilities. They then blamed a third party for the vulnerabilities because they can’t code so they subcontracted the code. The trouble is, it’s impossible to only blame the subcontractor, because they created the IBC routes necessary to exfiltrate the stolen funds as well. Specifically, the stolen funds were exfiltrated over IBC to injective. TCV very recently created those channels.

update

100% of the on-chain evidence points to TCV. Additional sources that I deem reliable have informed me that they’ve extensive evidence that a third party hired by tcv on an internet forum executed the attack and this is why all the evidence points to TCV.

TCV is grossly negligent, but not thieves.

TCV has been given 24 hours to permanently shut down their validator by removing 100% of self-bounded stake. This will not harm delegators.

Motivation

improve the blockchain ecosystem by showing total intolerance to gross negligence

Proposal

• Tombstone the TCV validator in a software upgrade
• Slash Every wallet connected to the attack by draining balances to zero into the community pool
• Declare that LUNC governance will not tolerate theft or gross negligence and that TCV are grossly negligent

Tomas, are you currently trying to claim to me that we should not blame validators if they choose to promote a token that includes for a 100% theft due to their grossly negligent hiring practices?

It is very worrying to me that given the additional closely held information that has come to bore recently, some people and teams are still trying to claim that TCV is “innocent”. TCV most likely are not the actual thieves, but TCV are most certainly grossly negligent and when additional information comes to light, that’ll be painfully apparent.

Advice

• don’t hire randos on internet forums
• to the greatest extent possible, don’t use email
• if you promote and launch a dex made by a subcontractor, you’d better audit it (tcv did not)
• communities, should not tolerate gross negligence. Punishing grossly negligent validator teams is the correct thing to do.
• VAAS providers should not tolerate gross negligence. If high stakes runs equipment for TCV, high stakes should unplug it to protect itself from TCV’s negligence.