In July 13th Coffe Network announced one of Freeway’s “bridges” was compromised on July 12th.

Dear community,

Unfortunately, one of the bridges of our project was compromised yesterday.

Our partner, Freeway, was targeted and a large number of FWT tokens were removed from our hot wallet and sold on exchange.

However, all funds have now been transferred to a new wallet, where they are safe.

We have stopped all swap operations on bridges while we investigate this incident and the bridges can be revised.

We will keep you updated as soon as we know more. Thank you.

Aubit’s Sadie Hutton put out an update on July 16th and well, things don’t really add up.

As per Hutton’s update;

A large number of FWT tokens were removed from Coffe’s bridging wallet and were subsequently sold, causing extreme price volatility.

By “volatility”, Hutton means FWT collapsed:

On July 13th over a period of five minutes, FWT went from $0.0074 to $0.001059 (0.007 to 0.001 in simpler terms).

In response to the collapse of its Ponzi scheme, Freeway

  1. “locked” the internal FWT value;
  2.  disabled FWT withdrawals, deposits and investment;
  3. pulled available funds to withdraw; and
  4. asked exchanging listing FWT to “halt transactions”.

Freeway then set about plans to reboot its Ponzi scheme, by launching a new smart-contract.

And we took the decision to redeploy a new Freeway token smart-contract, based on a snapshot prior to the exploit.

We expect to redeploy next week.

The new smart-contract will create new Freeway tokens, distributed as they were prior to the hack. The intention is to carry on like the hack never happened.

But it did.

One thing neither Coffe Network or Hutton discloses is how much the alleged hacker made off with.

Someone replying to Coffe Network’s announcement claimed “the exploiter got away with 434 BNB and 348 ETH”.

If accurate, that comes to a paltry $651,525.

I have no way of verifying that figure – but it does make you think.

If just over half a million was all it took to tank FWT, what’ll happen once investors start cashing out that much on a regular basis?

If you’re unclear on Freeway’s business model, they pay annual returns of up to 43%. This is done through FWT, which Freeway creates out of thin air.

Cashing out, like the supposed hacker does, works as long as there’s invested funds to cash out.

Traffic to Freeway’s website plummeted by almost half between May and June:

Most of Freeway’s investors are being recruited in Canada (45% of website traffic). South Africa is only a quarter of that but comes in second.

The elephant in the room here is what if this was all just a planned… well not quite an exit-scam. A sort of mini exit-scam, so to speak.

Freeway can’t cash out anything without it being obvious to investors. So why not just sell tokens outside of the investment opportunity…

These tokens were never meant to be part of the circulating supply and were used exclusively for bridging between blockchains.

…cash out a bit, come up with “hackers!” malarkey and then reset everything – minus the backend money cashed out.

Freeway investors will see it as a win. Freeway’s token will go back up to $0.008, as that’s what the reboot smart-contract will deploy FWT at (FWT was $0.0073 as of July 13th).

And like all Ponzi schemes, they have no idea how much actual money is left to withdraw.

Freeway’s executives get to look like the good guys, while taking a little bit extra off the top.

There could be a genuine third-party hacker but it just seems strange. Coffe Network have thus far claimed only Freeway was targeted. That seems oddly specific.

If the problem was on Coffe Network’s end, why wasn’t anyone else targeted?

If the problem was with Freeway’s own security, has the exploit been fixed?

Do either Freeway of Coffe Network even know what the exploit is?

Seems rebooting Freeway’s Ponzi scheme is more important than getting to the bottom of anything.

I suppose on the flipside it’s a lot of effort to go to for relatively little reward. You’re going to panic investors if you take your admin cut off the backend anyway – so the outcome is pretty much the same.

Well, except for the “don’t worry, we fixed it!” part. Nothing is more important to a Ponzi scheme than investor confidence.