VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
The privacy coin Verge (XVG) underwent a reorganization of 560,000 blockchains after a 51% attack on Monday. Lucas Nuzzi of CoinMetrics stated that the history of token transactions over 200 days has been deleted. Attack method (per SlowMist): 51% attack. Reported loss: -.
Primary source
https://news.bitcoin.com/privacy-coin-verge-third-51-attack-200-days-xvg-transactions-erased/ ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Verge
- bug_class
- infrastructure
- date_occurred
- 2021-02-15
- loss_usd
- —
- source_id
- sm:verge::2021-02-15
Related — same bug class· infrastructure