OracleSwap suspends FTSO operation after private keys compromised
Flaremetrics has urged delegates on OracleSwap to revoke access and change to other FTSO operators, following a compromise of the validator’s private keys.
OracleSwap is a DEX protocol on the Songbird Network that allows users to earn interest for delegating their Flare and Songbird tokens.
The FTSO provider disclosed on Jan. 29 that its private keys have been compromised in the course of making its code open source.
OracleSwap explained that it had to make its v2 repos public so the FTSO community could see the devs that worked on the repos. However, its private keys were disclosed as a result of the reveal.
Consequently, FlareMetrics has urged delegates on OracleSwap to change to other FTSO providers to avoid having their rewards stolen by bad actors. Currently, there are nearly 40 FTSO providers on Flare Network, according to FlareMetrics data.
In addition, delegates are advised to revoke all access to OracleSwap as its compromised keys may give a significant amount of voting power to bad actors.
In the meantime, OracleSwap said it would burn the codes and work on a new contract.
OracleSwap will start a fresh FTSO infrastructure under new addresses after the improvement proposals are implemented,” OracleSwap added.