Mangata X Council Incident: Return stolen funds to their rightful owners


Summary

The Mangata X parachain was hit by a governance attack in which 11_700 KSM were transferred to the attacker's holding account. This proposal requests that 10_530 KSM (90%) of those funds be returned to the parachain's sovereign account.

Kusama needs to send a strong signal that it cares about the funds of its users.

Context

On 6th October 2022, the Mangata X parachain was targeted with a governance attack which resulted in attackers gaining voting rights on the on-chain Council for a brief time.

The attack was of a novel type. Instead of a technical hack, the attacker carried out a hostile takeover of the council and introduced Mangata X Motion #0 to authorize the transfer of 11_700 KSM from the parachain's sovereign account on Kusama to a Kusama holdings account via a specially crafted XCM message. We regained control of the council and countered the actions taken by the attackers in full.

The missing amount has been replenished with our funds to ensure continued operations. No user funds were affected. Mangata X is fully operational and safe. Users do not need to take any additional action.

A full breakdown of the attack can be found in the Council Incident Report.

Request for Comments

These funds were stolen by the attacker and we ask they are returned to the rightful owners.

We are currently exploring options to use Kusama governance to return the stolen funds to the sovereign account of the Mangata X parachain. Our proposal is to return 10_530 KSM via a forced transfer. With this action, we would be leaving 10% of the funds in the attacker’s account. This serves as a bounty for making the Dotsama ecosystem aware of the risk stemming from the governance setup, which in specific situations allows control of on-chain councils to be taken. Until we have other information, we will perceive this as a white-hat event and will refrain from legal steps.

We ask for your feedback and support to help recover the stolen funds and send a strong signal that the Kusama community cares about the funds of its users.
