Multichain: Arrested founder and family held all the keys
‘All the team’s funds and access to the servers are with Zhaojun and the police,’ the Multichain team said
Iaremenko Sergii/Shutterstock.com modified by Blockworks
Multichain revealed on Friday that CEO Zhaojun and his sister were responsible for the unauthorized withdrawals of over $130 million last week.
The team disclosed that Zhaojun had been detained by Chinese police on May 21 and had been unresponsive ever since.
Its protocol has a multi-party computation (MPC) system, similar to a multi-signature wallet. Multichain said these MPC node servers were operated under Zhaojun’s personal cloud server, meaning access was limited to him alone.
Moreover, authorities confiscated all of his devices, including computers, phones, hardware wallets and recovery phrases.
“This also means that all the team’s funds and access to the servers are with Zhaojun and the police,” they said.
Following Zhaojun’s arrest, his family is believed to have accessed the cloud server platform using information from his home computer.
However, they granted limited access to Multichain’s team engineers solely for the purpose of addressing specific router-related technical issues, they said.
IP address linked to fund transfers originating from Chinese city Kunming
In the aftermath of the unauthorized transfers on July 7, Zhaojun’s sister discovered login details originating from an IP address in Kunming, a city located in China’s Yunnan province. She also came across a sequence of transactions involving the transfer of funds from the MPC addresses.
After the withdrawals, she moved the remaining user assets to externally owned addresses and notified the team. Subsequently, she too was detained by law enforcement authorities, according to the Multichain team.
Multichain shuts down services, looks to take down website
The team said it has faced challenges in maintaining operations due to limited access on non-MPC servers and legal advice to cooperate with the demands of Zhaojun’s family.
With a lack of alternative sources of information and the inability to bring down their website, Multichain said it has been forced to shut down operations. It has asked domain registrar GoDaddy to help bring the website down.
The exploit affected multiple tokens, including wrapped bitcoin, USDC, DAI, and LINK.
Chainalysis suspected that the exploit may have been an inside job, which appears prima facie correct, although the extenuating circumstances remain unknown.
Multichain’s native token MULTI has plunged over 40% since news of its difficulties emerged.
Zhaojun’s arrest in May coincided with the reported detention of Trust Reserve staff, a yuan-backed stablecoin issuer. Trust Reserve’s offices were found empty with a notice of judicial seizure.
Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.
Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.
Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.
The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.