Reports said that Solana’s developers forked the widely used token liquidity hub Serum after being compromised by a hack on the bankruptcy exchange FTX on November 11 that led to a series of unauthorized transactions.
It has been reported according to pseudonymous developer Mango Max on Twitter that a “verified build of the same version has been made and deployed” on November 12. Additionally, the upgrade authority and fee revenues “have been changed and are now managed by a multi-sig controlled by a team of trusted developers.” Serum (SRM) and MegaSerum (MSRM) tokens, as well as fee discounts, were not changed and were working as before.
However, the development took place on the weekend. Solana co-founder Anatoly Yakovenko tweeted that developers depending on serum were forking the code after the upgraded key was compromised, adding that many “protocols depend on serum markets for liquidity and liquidations.”
The report said that in a Twitter thread, Mango Max said that the Serum update key was not controlled by the Serum decentralized autonomous organization (DAO) but by a private key connected to FTX and no one could confirm who controlled the keys.
Likewise, the private key was necessary to update the original version of Serum, leading the developers to fork the code, as the private key is under FTX control.
Mango Max also noted:
“When I reached out to a couple of people previously involved with Serum, I got answers like: ‘I wish I had more info to help you, but I really don’t.’”
Thus, liquidity providers such as Jupiter, the most popular aggregator on Solana, confirmed turning off Serum as a liquidity source “due to security concerns about upgrade authorities, and we also encouraged all our integrators to do the same.” Other projects such as Mango Markets and SolBlaze also announced integration with the new fork.