Revest Finance Contract Reactivation and Patch Deployment
The Revest Team has restored functionality to all contracts across all networks on which the Revest Protocol is deployed.
As a part of our ongoing risk-mitigation procedure, we have disabled certain components of our system to increase our security. This will mean a temporary inconvenience for our stakers (additional deposits for stakes are currently disabled) while we work to iteratively return our system to a fully-functional state, while maintaining the aggressive security components introduced in this patch.
We have made heavy use of Reentrancy Guard to prevent the utilization of attack vectors such as the one utilized in the exploit of March 27th, 2022. We have also disabled the more complex functions to reduce the surface-area available to any would-be attacker. This includes the ability to split FNFTs into smaller chunks of value, which has been totally disabled, along with the ability to make multiple deposits to FNFTs, which has been reduced to only being able to make callbacks to associated OutputReceiver contracts.
The ability to transfer the Revest Token will be unpaused tomorrow at 12 PM EST. We are incredibly grateful to our community and to those who assisted us with the response effort to this exploit — particularly Doublesharp, Justin Bebis and the ByteMasons, and Jeffrey from BeethovenX, whose assistance was instrumental in determining the correct course of action in developing a patch for this vulnerability. Further thanks must be extended to FTMAlerts, The Poktopus, and CryptoClay, who assisted greatly in crisis management and communications.