pump.science Private Key Breach: The Full Story of Counterfeiting and Collapse

Original Article Title: "pump.science Wallet Private Key Leak: An Ongoing Controversy"

Original Article Author: Karen, Foresight News

On the evening of November 25, a wallet address identified on pump.fun as the creator of RIF and URO tokens released the Urolithin B (URO) token, leading many community members to mistakenly believe it was an official token issued by pump.science. Urolithin B (URO) quickly "graduated" and within two minutes of joining the liquidity pool, its market capitalization briefly surged to $10 million. However, it soon began to plummet and is currently valued at around $100,000.

This event also appears to have affected the market performance of Urolithin A (URO) and Rifampicin (RIF), with both experiencing over a 30% drop in the following 24 hours. So, what exactly happened?

pump.science Wallet Private Key Leak

The root cause of the event was the leak of pump.science's wallet private key.

According to pump.science's official statement, due to an oversight in their GitHub repository, the wallet address T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc was compromised, and the attacker found the key pair in the website's source code. This key pair was originally used for testing purposes in pump.science's GitHub from the start, and the development team did not realize its significance.

From the fraudulent URO token page that appeared on pump.fun last night, it can be seen that the wallet address deploying this fake token is indeed T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc. The pump.fun platform indicates that this address had previously deployed the official Urolithin A (URO) and Rifampicin (RIF) tokens off-chain, with current market valuations of approximately $87 million and $37 million, respectively.

This fraudulent URO token was issued on-chain by the T5j2UBT prefix address with the leaked key pair. This is why it appears on pump.fun that the deployer of the official URO and RIF tokens released a new coin.

pump.science stated that the wallet in question is the creator of off-chain tokens marked as URO and RIF on pump.fun. The attacker may exploit this wallet to issue more tokens, and any other tokens issued by this wallet, aside from URO and RIF, should be considered fraudulent.

It is worth noting that the official stance of pump.science did not take any remedial or compensatory measures for users who mistakenly believed and bought the fraudulent URO tokens, which has sparked widespread community concern and debate.

pump.fun's Off-Chain Creation Feature Causes Confusion in Blockchain Explorer and Data Tools Display

Also adding to community confusion is the display of token creation in pump.fun and in blockchain explorers and data tools.

The official URO and RIF tokens from pump.science were created off-chain via pump.fun, while the fraudulent URO was created on-chain via pump.fun. However, the blockchain explorer solscan displays the deployer address for Urolithin A (URO) and Rifampicin (RIF) as: BLDRZQiqt4ESPz12L9mt4XTBjeEfjoBopGPDMA36KtuZ.

Next, let's first understand pump.fun's off-chain token issuance feature. On the pump.fun platform, off-chain token issuance is free, and the issued tokens are not immediately recorded on-chain until the first buyer appears. The first buyer needs to pay the issuance cost of the tokens. Therefore, for tokens created off-chain, the first buyer is often mistakenly identified as the token deployer by blockchain explorers like solscan or GMGN.

For example, after the official URO and RIF tokens were created off-chain, the wallet address of the first buyer, BLDRZQiqt4ESPz12L9mt4XTBjeEfjoBopGPDMA36KtuZ, was erroneously flagged as the token deployer by solscan or GMGN.

Here, the author reminds investors to differentiate between tokens created on-chain and off-chain on pump.fun when investing in Meme tokens and to verify to avoid falling into scam traps. Additionally, caution should be exercised regarding any potential tokens issued by wallets leaked by pump.science starting with T5j2UBTvLY. Furthermore, it is hoped that platform operators and token deployers will enhance security measures to prevent such fraudulent activities from happening again.

Original Article Link