Yuga Labs has officially revoked the code to create infinite NFTs from the Bored Ape Yacht Club collection. The removal of this code came only a year after the intention was declared.Â
Summary
Yuga Labs and the revocation of the code that creates infinite BAYC NFTs
EmperorTomatoKetchup, one of the co-founders of Yuga Labs, stated on Twitter that he had revoked the code that allowed the infinite creation of Bored Ape Yacht Club NFTs, adding the link to the transaction.Â
tx in question: https://t.co/fmLjnFapvb
— EmperorTomatoKetchup (Kerem Atalay) (@TomatoBAYC) June 7, 2022
“The contract owner has now been burned. While we’d been meaning to do this for a long time, we hadn’t out of an abundance of caution. Felt comfortable doing it now. All done. In lay terms: The issue flagged in this article is now impossible”.
Essentially, for the past year, some code existed that, if executed, could create an unlimited supply of Bored Ape NFT. This resulted in potential hacking vulnerabilities that could have seen new BAYC NFTs flooding the market.
Yuga Labs and the removal of the code one year after its discovery
Exactly one year ago, in June 2021, this code, which would have allowed Yuga Labs to mint as many Bored Ape as it wanted, had already been spotted by Dan Kelley on Twitter.Â
The official Bored Ape account at the time, had replied that it would revoke this code in a day or two, but instead an entire year had passed.
Hey thanks, we were just talking about this. Obviously, we're never going to call that function again and we're planning on revoking ownership in the next day or two.
— Bored Ape Yacht Club (@BoredApeYC) June 2, 2021
“It seems that the hard cap is not actually 10k since the owner can “reserve”/mint as many as they like. @BoredApeYC, any plans to remove the contract owner (or set to an non-existant wallet)?”
“Hey thanks, we were just talking about this. Obviously, we’re never going to call that function again and we’re planning on revoking ownership in the next day or two”.
A relief for BAYC NFT holders
The revocation of this code could be a relief for all owners of BAYC NFTs after the project has been the target of hacking attacks this year.Â
And indeed, just a few days ago, Bored Ape Yacht Club had claimed that its Discord servers were the subject of a “brief” exploit, as 200 ETH ($357,000) worth of NFTs were eventually stolen from users.
Our Discord servers were briefly exploited today. The team caught and addressed it quickly. About 200 ETH worth of NFTs appear to have been impacted. We are still investigating, but if you were impacted, email us at [email protected].
— Bored Ape Yacht Club (@BoredApeYC) June 4, 2022
“Our Discord servers were briefly exploited today. The team caught and addressed it quickly. About 200 ETH worth of NFTs appear to have been impacted. We are still investigating, but if you were impacted, email us at [email protected]”.
Something already happened last April, when hackers allegedly breached BAYC’s Instagram and Discord accounts, running a fraudulent link in chats and managing to compromise some wallets to steal NFTs.Â
