Update On Percent’s Launch

TL;DR

On October 1st when we launched Percent, several people pointed out that our core contract had the possibility of having funds stolen by the admin in the first 48 hours after launch due to a delayed transfer of admin privileges.

We publicly admitted this mistake, then notified users about it on Twitter, on our Discord, and via a warning on our website. As of this writing we have transferred the admin of our core contract to a timelock contract to eliminate the possibility of rug pull. All your funds are safe.

Our original plan

Transferring the admin keys of a contract is often simple and can be done with a single transaction from the original admin. We originally planned to initiate this transfer and set the admin of our core contract to our timelock contract within the first hour of the launch. The intention was to allow us a short window of buffer time (one hour) to be able to respond to any unforeseen issues.

What actually happened

Around ten hours before the launch, we realized that the process of transferring admin control of our core contract is a bit different from many other contracts. Instead of simply requiring one transaction from the original admin, it requires two transactions sent separately: one by the original admin (our deployer account) and one from the new admin (our timelock contract).

Sending a transaction from a deployer account can be done immediately; however, sending a transaction from the timelock contract requires 48 hours. This meant that the admin transfer would not take effect until around 38 hours after the launch. We didn’t initially see this as an issue, so we went forward with our scheduled timeline.

After launch, several people came into our Discord and expressed their concern that we would steal users’ funds in this window of time.

What we did

We continued the launch as scheduled, but offered warnings to our users on Twitter, in our Discord, and with a message on the website. We felt this was permissible because the delay of admin transfer doesn’t mean funds are unsafe, it only means there is a certain degree of trust in us that is required in using our platform for the first two days.

Public warning on Twitter

Warning on Percent UI

Moving forward

While the launch was successful and safe, we would like to publicly apologize for any inconvenience or stress we have caused. Our intentions are good, but we understand that intentions aren’t good enough for crypto users. The contracts are now trustless and your funds are safe from any interference as of Oct 3rd 3:00 UTC.

In the future, we commit to doing a complete review of any new contracts, focusing on the admin permissions and admin transfer process. This will allow us to make sure all future admin transfers will be on schedule.

Thank you for sticking with us on our journey to decentralization. If you have any further questions please reach out to us on Discord.

-%