The Impact of the Recent Haven Protocol Mint Exploit
- Haven Protocol experienced a mint exploit, resulting in over 500 million XHV tokens being illicitly minted
- The exploit led to a significant drop in the price of the XHV token by more than 60%
- The hacker(s) exploited a vulnerability in the range proof validation code introduced during the Haven 3.2 rebase to Monero
Haven Protocol, a prominent blockchain project known for its mint-and-burn mechanism, recently fell victim to a mint exploit, causing a sharp decline in its token value.
The exploit enabled a hacker to create a large number of XHV tokens, overwhelming the supply. Following the breach, the price of the Haven token (XHV) plummeted by over 60%, dropping from $0.0003594 to $0.0001341.
Details of the Haven Protocol Incident
The Haven Protocol team disclosed the exploit through their social media channels, revealing that more than 500 million XHV tokens were fraudulently generated.
⚠️ Haven Mint Exploit ⚠️
Unfortunately we’ve been hit by an exploit.
This was identified when querying the amount of XHV on exchanges.
The number reported to us is in excess of 500 million XHV. $XHV
🧵👇🏼— Haven Protocol (@HavenXHV) December 10, 2024
This anomaly was discovered during an examination of exchange supplies, contradicting the audited supply of 263 million tokens. The developers traced the breach back to a flaw in the “range proof validation” code implemented during the Haven 3.2 rebase to Monero.
This vulnerability allowed the creation of XHV tokens without detection, as the minting process occurred post-audit. The surplus tokens were not included in the audited supply figures, highlighting a significant security loophole in the protocol.
The exploit has had a substantial impact on the market position of XHV, a project that saw its token reach a peak of $28.99 in April 2021. The incident has exacerbated its decline, with the current price reflecting a loss of confidence in the protocol.
In response, Haven Protocol urged its community to refrain from purchasing XHV on exchanges while they work towards resolving the issue. The team acknowledged the severity of the breach, expressing remorse and committing to providing further updates as discussions progress within their Haven Operations Committee (HOC).
