The Fall of Multichain: A Tale of Unexpected Turbulence and Security Breaches

In an unforeseen chain of events that unfolded between May and July 2023, the CEO of Multichain, Zhaojun, was apprehended by Chinese authorities, destabilizing the blockchain project. The situation escalated when user assets began to be transferred to unknown addresses.

From Seizure to Shutdown: The Multichain Saga

According to the Multichain team’s testimony, the first wave of shock for the Multichain community came on May 21, 2023, when CEO Zhaojun was apprehended by Chinese police. This news left the global team in disarray as they discovered their operational access keys to the Multichain Processing Component (MPC) node servers had been revoked. Complicating matters further was the realization that these servers were managed under Zhaojun’s personal cloud server account, to which no one else had access.

The situation continued to spiral when the team made contact with Zhaojun’s family. All of Zhaojun’s devices, hardware wallets, and mnemonic phrases had been confiscated, along with the control of all operational funds and investments. The severity of the situation hit home as it became clear that all the team’s funds and access to servers were in the hands of Zhaojun and, now, China’s police.

With scarce information on Zhaojun’s case, the team was left in a precarious position, trying to maintain operations through the limited access they had left. Adhering to local laws and the family’s wishes, the team chose to withhold information from the public for days. Still, by May 30, they took the responsible step of informing the community about Zhaojun’s disappearance and the ensuing technical issues.

The beginning of June saw a ray of hope when Zhaojun’s family managed to log into the cloud server platform, albeit with restrictions on the engineers’ access. With the family and their lawyer in constant communication with the authorities, the team was assured of Zhaojun’s imminent release. They were urged to continue maintaining the system, but the information about the case details remained scant.

The Multichain protocol, however, continued to function as designed, at least according to the team’s account of the situation. Even with limited resources, the team claimed it worked tirelessly to keep operations running smoothly and resolve user issues that continued to mount. This period of uncertainty also saw an abnormal transfer of user assets locked on the MPC addresses to unknown destinations, raising more questions about the system’s integrity.

Furthering the state of crisis, Zhaojun’s sister transferred the remaining assets in the router pool to her own control on July 9. While she kept the team and project parties informed, this asset preservation action added another layer of complexity to an already bewildering situation. Unknown to them, this was a harbinger of the next wave of shock.

On July 13, Zhaojun’s sister was taken into custody by the police, cutting off yet another point of contact. The team was left in the dark about the status of the preserved assets, leading them to inform the community about the deteriorating situation. With no alternative information sources or operational funds, they were left with no choice but to cease operations.

The Multichain saga underscores the fragility of centralized operational practices in projects advocating for decentralization. The team, now left without access to their domain account, urges users not to use Multichain services and seeks assistance from the domain firm Godaddy to bring down the platform. As the dust settles, this incident serves as a stark reminder of the inherent risks in the crypto-sphere and the need for robust security measures.

What do you think about the Multichain issues? How can companies like Multichain better prepare for such unforeseen events? Share your thoughts and opinions about this subject in the comments section below.

Source

Comments (0)
Add Comment