My Seed Phrase Got Stolen, Wallet with 40k Radiant Investment Fully Drained

My overall loss is around 50k USD, there are some reports of this being a web3 vulnerability as there are increasing members who are getting their wallets stolen despite not having their seed phrase written anywhere online. Somehow the hacker is able to interact with metamask to export the seed phrase which is a huge vulnerability and a shortcoming of Metamask in the face of increasing threats.

I propose Radiant capital make an insurance / donation fund for users who lose their locked DLP, and therefore future earning potential, as now about 3k worth of DLP is locked in that wallet, but I cannot make any use of it as the thief will immediately drain any additional funds…

There must be a way to protect users who put faith in a web3 protocol and lock their capital, only to have their wallet stolen from them in more obscure ways that are not clear as to how it happened to even cyber security experts.

If web3 dapps can’t find a way to help innocent victims, and instead throw platitudes about defi and “Bearer asset” etc, this I think will only further alienate newcomers and mainstream, and the momentum of web3, a beautiful invention will either wither away or become centralized…

So I urge Team Radiant to empathize with their users, and offer a solution, to at least save the DLP. I discovered this project when it was in the ground floor, but now I can’t even interact with it, it’s really my darkest day in crypto…

As a DAO members of many other communities aside from Radiant, your case is far from unique. Unfortunately, losses due to user error are common and the DAO should not be responsible for the user’s own fault to secure their wallet properly.

What you’re suggesting will set a dangerous precedent, where bad actors can potentially claim they got exploited (even if they didn’t) and then ask the DAO for reimbursement.

I predict here and now that Dapps and organizations that ignore the community’s problems will have a 0 chance of surviving in crypto. Right now as it stands, new capital is extremely afraid of entering crypto as it’s a scammer’s paradise, and when faced with innocent victims, most protocols come up with incredibly tone deaf platitudes.
I am completely disappointed in Radiant Capital’s handling of this issue, I have about 4k USD still locked in DLP, and it’s an offense almost as upsetting as the theft itself that the DAO Admin doesn’t want to show any sensibility or empathy, and is suggesting nothing can be done…
It’s always the same double standard, “nothing can be done” when it comes to the needs of the individual, but if there were billions of dollars involved, or the future of Radiant DAO itself was in question because of a hack, then a completely different pragmatic tone would be taken.
It’s against the spirit of libertarianism and the very foundation of why crypto came to exist in the first place.
I hope Asian entrepreneurs like Hung Vu can delve deeper into the philosophy of crypto and react with more concern for the rights of the individual.

Technology like this does not exist yet. What you want is human involvement and that will guarantee the failure of a project sooner than ignoring a problem not related to the platform.

When you find a useful solution I’m sure we will adopt it quite quickly.

The useful solution is for DAO to have a built in agreement with a flash bot expert or a dev who can prepare bundled transactions, and extract the lost DLP as the unlock happens in cases like this to a burn wallet.

Meanwhile, the DAO can allocate to the victim his lost DLP on a safe wallet, given that the theft can be proven on chain, which is mathematically clear in this case.

So there are always ways to work with the community if the will is there, it doesn’t bode well for Radiant capital that the DAO admin doesn’t want to cooperate at all, when it can be resolved in a few simple steps…

1 Like

There can be a vote and the victim can voluntarily relinquish his seed phrase to the DAO, then the DAO dev’s use their blockchain expertise to extract any locked tokens via bundled transactions, victims gets compensated on his new wallet…

1 Like

I think user Vispilio raises some great points in this issue.

I also saw some of the discussions back and forth on discord, and was frankly appalled to see the team show disinterest in this case for the most part.

Like, if you don’t care at all about your community’s needs / problems, what exactly do you care about, your own pockets ?

At the very least, Radiant DAO could supply its investors with something like a bundled transaction tool to extract the locked tokens, so that the whole investment doesn’t get compromised in cases like this.

If you build a permissionless immutable protocol, you need to have some emergency tools for clear cut exceptions like this, an easy to use bundled transaction tool would be a great start.

I honestly empathise with you and sorry that you lost such a large amount. Idk what I would do of that was me. I would be completely devastated.

However, I can not see how radiant capital or any other defi project has any responsibility to reimburse users that are scammed or exploited resulting in lost capital.
It is not the fault of the project you lost your funds and it would be unfair to the whole community to set up a fund like this. It would be irresponsible and a complete miss use of funds if they did.

Even in the event we disregard the above. it simply would be impossible to implement. In the event a fund like this did exist, it would be completely abused by scammers who claim there funds were stolen when they have just sent there crypto to another wallet then double up by taking more coins from the reimbursement funds. It just couldn’t work.

It sounds like you lost your crypto from an infected computer. It is unlikely this is a MetaMask exploit that is the issue. If a hacker has infected your computer there is pretty much nothing you can do to stop them from getting into your wallets. Even if the virus cannot directly access your MetaMask and steal the seed phrase, which it is very possible they can. It could sit there idle and wait for the moment you unlock MetaMask and view your secret phrase yourself for it to steal it.
This is why you should have a cold wallet when you have so much funds in crypto. If you had your money in a ledger, safepal or something. There is no way for anyone to gain access to your wallet and your funds would be safu.