Interview: Tong, PANews
Editor: Yuliya, PANews
On July 12, an unexpected hacker attack caused roughly 1 million extra PUNDI tokens to be minted in just a few minutes. Facing this crisis, the team chose to freeze, track, and recover assets first, and disclosed the situation publicly only once the funds were secured. Ultimately they recovered or froze nearly 90% of the stolen funds and covered over a million dollars out of pocket to compensate users in full. However, the vulnerability the hacker exploited in the ERC1967Proxy contract has since affected multiple projects in the industry. Pundi AI was also notified by the Korean Digital Asset Exchange Association (DAXA), composed of five major exchanges including Upbit and Bithumb, that its token would be delisted from Korean exchanges, citing "untimely information disclosure."
To help readers better understand the context of the event, here is a key timeline review.
March 2 — Function X announced a rebranding to PUNDIAI and a token swap to PUNDI; at this time, the hacker was already lurking, but was not detected due to being too covert.
July 12 — The hacker launched the attack, minting roughly 1 million extra tokens; that day, transfers were frozen and tracking was initiated; that evening, the CEO publicly disclosed the contract vulnerability to the community and announced the measures taken.
July 14 — Full disclosure of the attack investigation results and solutions to exchanges, and communication with DAXA began.
July 28 — Upbit and Bithumb announced they would delist PundiAI on August 28, citing "untimely information disclosure."
July 31 — Official statement that over 80% of assets were recovered, and full user compensation was completed within 11 days.
In this interview, PANews exclusively spoke with Pundi AI co-founder Danny Lim, who recounted the entire event process, providing safety reminders for other projects migrating tokens in the industry, and operational guidelines for projects listed on compliant exchanges in Korea. He also discussed Pundi AI's product layout in the AI data field from an industry perspective, as well as thoughts on the current development of the Web3 AI track.
Additionally, he posed a dilemma: In the process of outsmarting the hacker, should the priority be to ensure user fund safety without alarming the hacker? Or should transparency be prioritized, publicly disclosing information immediately, which could potentially accelerate the hacker's fund transfer and increase the amount of loss? This time, Pundi AI chose the former, but also bore the cost of the choice due to the "flaw" in transparency.
As the saying goes, "A blessing in disguise," Danny humorously remarked that being delisted from compliant exchanges has instead "unlocked" the project's development. In the past, they could not casually repurchase or destroy tokens without the exchange's consent. Now, they can use token economics more flexibly to give back to the community. Pundi AI will also repurchase tokens and airdrop to users, "thanking them for standing by us in difficult times."
Theft, Delisting, and Difficult Choices
PANews: Recently, we saw the announcement that the Korean Digital Asset Exchange Association (DAXA) requested members to delist Pundi tokens, due to the theft during the token migration process and the failure to disclose it in a timely manner. Can you elaborate on the events?
Danny: The security incident occurred around 2:20 PM on July 12. Our system issued a warning around 2:40, indicating abnormal minting of approximately 1 million PUNDI tokens. Initially, we thought it was a bug in the contract. It happened to be a Saturday, and we urgently contacted the technical team for verification.
By 5 PM, we confirmed that this was not a bug, but an attack. We immediately contacted major exchanges to request a suspension of PUNDIAI's deposit and withdrawal functions.
The entire attack process was very sophisticated. The hacker exploited a vulnerability in our token migration contract. During our transaction to deploy the new contract in February, the hacker submitted a transaction with a higher gas fee within the same block, preemptively calling and obtaining our contract's admin key. This method was very precise, requiring accurate timing of our transaction and block.
PANews: How many protocols could this security vulnerability potentially affect? Did you take measures to alert other institutions?
Danny: This was a very covert vulnerability. We completed the token swap in February, and it only became exposed when the attack occurred in July. Recently, we have also seen several projects on the Base chain and Ethereum attacked using similar methods in the last three to four weeks. Hackers are very patient and often lurk for months, waiting for the market to warm up and project popularity to rise before striking. Therefore, our public disclosure of the detailed events serves as a lesson for all peers, especially for those planning to migrate tokens or upgrade contracts—they must pay attention to the potential security risks of "front-running attacks."
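The front-running window Danny describes above arises when an ERC1967Proxy is deployed in one transaction and its initializer is called in a later one: anyone who sees the deployment can submit the `initialize` call first and become owner. The following is an added example (not Pundi AI's contract) using OpenZeppelin's upgradeable libraries; `DemoToken`, `SafeDeployer`, the "DEMO" symbol and the `mintCap` field are hypothetical names chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC1967Proxy} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";
import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
import {ERC20Upgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";

/// Hypothetical upgradeable token (not Pundi AI's code). Whoever calls
/// initialize() first becomes owner, so that call must never be a separate tx.
contract DemoToken is Initializable, ERC20Upgradeable, OwnableUpgradeable {
    uint256 public mintCap; // per-call mint ceiling, the kind of limit that bounds a rogue mint

    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor() {
        _disableInitializers(); // the bare implementation can never be initialized
    }

    function initialize(address admin, uint256 cap) external initializer {
        __ERC20_init("Demo", "DEMO");
        __Ownable_init(admin);
        mintCap = cap;
    }

    function mint(address to, uint256 amount) external onlyOwner {
        require(amount <= mintCap, "mint exceeds cap");
        _mint(to, amount);
    }
}

/// Deploys the implementation, deploys the proxy and initializes it in ONE transaction.
/// Vulnerable pattern to avoid: `new ERC1967Proxy(address(impl), "")` followed by
/// `DemoToken(proxy).initialize(...)` in a later transaction, which leaves the gap
/// that a mempool watcher can fill by calling initialize first.
contract SafeDeployer {
    event Deployed(address proxy);

    function deploy(address admin, uint256 cap) external returns (address) {
        DemoToken impl = new DemoToken();
        // ERC1967Proxy delegatecalls `data` inside its constructor, so ownership is
        // fixed before any other transaction can observe the proxy's address.
        bytes memory data = abi.encodeCall(DemoToken.initialize, (admin, cap));
        ERC1967Proxy proxy = new ERC1967Proxy(address(impl), data);
        emit Deployed(address(proxy));
        return address(proxy);
    }
}
```

A post-deployment check is to read `owner()` on the proxy in the same script and abort the migration if it is not the intended admin.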
PANews: What measures did you take after discovering the theft, and did you communicate this with the community?
Danny: Considering that the hacker did not immediately sell off all the minted tokens but rather liquidated them slowly, we judged that the hacker might not have realized we had discovered the theft. To maximize the recovery of assets, we made a difficult decision: to avoid alarming the hacker and quietly track and freeze the assets. After the assets were protected, we announced on Twitter that our contract had encountered issues that evening and publicly disclosed our handling plan.
This strategy was very effective. We successfully intercepted about 95% of the stolen assets on Ethereum and our own mainnet F(x)Core. The main losses occurred on the BSC chain, because we were connected to BSC through the Axelar cross-chain bridge, and at that time it was the weekend, causing delays in response from third-party service providers. For users who suffered losses due to price drops on PancakeSwap and our own DEX, we repurchased at fair prices to ensure users did not incur losses.
Overall, this attack resulted in an issuance of tokens worth about $6 million at the time market price. Through freezing and recovery, we ultimately managed to recover about 87% of the assets, and we decided to absorb nearly $2 million in losses ourselves. We set a cap on single issuance in the token contract; otherwise, the losses could have been greater.
PANews: The theft only involved tokens; did it have any impact on the product level?
Danny: There was some impact. Because we have a cross-chain bridge communicating between Ethereum, BSC, and F(x)Core, we upgraded the token contract to prevent similar incidents from happening again. So there is some impact on the cross-chain bridge functionality, but overall, the product level remains stable and was not significantly affected.
PANews: Did you communicate with DAXA? Do you think their direct delisting approach is inappropriate, or what lessons have you learned?
Danny: We had extensive communication with DAXA. They sent us an email on July 14, and we exchanged three or four replies. Throughout the communication process, they did not express any blame nor did they propose any specific rectification requirements; they just kept asking about technical details, solutions, and user compensation status. So we felt that the issue was not serious, believing we had recovered most of the funds, compensated all user losses, and absorbed our own losses, and that we should be fine. But unexpectedly, we received a delisting notice this Monday. DAXA did not provide specific reasons; according to the exchange's announcement, the reason for delisting was "untimely disclosure," leaving us no room for explanation or buffer.
From our perspective, we certainly feel it is regrettable, even somewhat "disheartening." We are a team that is genuinely working hard; after being attacked by hackers, we used our own money to compensate user losses and did our best to recover assets. But in the end, we received such a result. Especially compared to the recent GMX hacker incident, where they passed through unscathed, while we were delisted.
However, from DAXA's standpoint, they are upholding the principles of transparency and openness in the entire market, and their actions are understandable. We indeed had procedural flaws.
The biggest lesson is: in the Korean market, the timeliness and transparency of information are more important than anything else. This is a painful lesson; we did not balance well between "quietly recovering assets" and "disclosing information immediately." I hope this serves as a warning for all projects that are live in Korea or plan to launch in Korea.
PANews: The delisting may affect your reputation?
Danny: Yes, this is our biggest concern. The trading losses caused by the delisting are secondary; what hurts more is the damage to our reputation. Many people will not delve into the underlying reasons; they will only see "Pundi AI was delisted by DAXA," and then label us as a "bad company" or "scammer." This has led to a misunderstanding of our years of effort and credibility.
The Dilemma of the Korean Market and Future Plans
PANews: When did Pundi AI launch on Korean exchanges? How many users have you accumulated in the Korean market?
Danny: We have been in the Korean market for a long time. The predecessor Function X (FX) launched on Bithumb in 2019 and on Upbit in 2020. We have been cultivating in Korea for five to six years, with at least 200,000 to 300,000 users, possibly even over 400,000.
PANews: Currently, there is a significant kimchi premium in Korea, especially in certain altcoin markets. What are your observations about the Korean market? Will you seek to relist on Korean exchanges?
Danny: The Korean market is quite unique. Users heavily rely on CEX for trading, and the general acceptance of DeFi or on-chain operations is relatively low. About 80% of our trading volume and 70% of our tradable tokens are on Korean CEXs. So this delisting has a huge impact on our liquidity.
As for relisting, we’ve asked around, and the feedback indicates that it will be extremely difficult. DAXA's decision holds authority in Korea, and once made, it is hard to reverse in the short term. However, we are still actively communicating with DAXA and major exchanges, hoping to regain their trust and return to the Korean market.
But there is one thing that comforts and moves us greatly. After the delisting announcement, our token price did not plummet like other projects; it remained relatively stable. This shows that our community and our token holders still believe in us. This is also the most heartbreaking part for us; on one hand, we feel we cannot betray this trust, while on the other hand, we struggle to provide them with convenient trading channels.
PANews: Do you have any plans for the community moving forward?
Danny: We currently have three core plans.
First, since the path with centralized exchanges in Korea is temporarily difficult, we will increase our investment in on-chain, that is, decentralized exchanges. We will fund deeper liquidity pools on platforms like PancakeSwap and Uniswap to provide users with ample liquidity.
Second, we will vigorously promote our brand new AI data products. We believe that good products are the core driving force for project development.
Third, we will launch a token buyback and airdrop plan. To be honest, in the past, when we were listed on compliant centralized exchanges in Korea, our hands were tied; we couldn’t casually buy back or destroy tokens without their consent. Now, we can say we have "unlocked the seal" and can use token economics more flexibly to give back to the community. We will buy back tokens and airdrop to our supportive users, thanking them for standing by us in difficult times.
The Vision and Challenges of AI Data Assetization
PANews: You mentioned the brand new AI data products; can you elaborate on this product and the upcoming plans?
Danny: In fact, our new product Data Pump is already ready and was soft-launched on July 10. Coincidentally, we were attacked on the 12th, which prevented us from promoting it at all.
Data Pump can be understood as a "Launchpad for AI datasets." This product combines mechanisms similar to Pump.fun, but the underlying assets are not meme coins; they are datasets. It aims to tokenize data (DataFi), allowing users to package various content data (tweets, audio, videos, etc.) into NFTs, which they can then collateralize on our platform to generate corresponding tokens and directly create trading pairs for trading on DEXs like PancakeSwap. Moving forward, all our focus will be on promoting and operating this product.
PANews: In the past two years, the AI track has become one of the key areas in Web3. How do Pundi AI's products differ from others like Sahara and Openledger in the AI data field?
Danny: First, in terms of data, many projects focus on general data labeling, where users mainly aim to "farm airdrops," and the commercial value of this data is limited. From the beginning, we have focused on specialized subfields, such as medical imaging (cardiovascular disease recognition), autonomous driving (high-precision obstacle tracing), and legal documents. We recruit medical students from universities in Indonesia for labeling, ensuring the professionalism and high quality of the data. Although we only have tens of thousands of labeling users, with fewer than 1,000 active ones, the quality is very high.
Secondly, we have added an extra layer by developing AI AMM (Automated Market Maker). Users only need to deposit LP tokens to automatically trade on-chain. This achieves the assetization and monetization of data.
Finally, we have a vast data foundation. We currently have a PB (approximately 1024 TB) level of data on-chain, which should be one of the largest data storage capacities in the Web3 field.
PANews: Since the FOMO market for AI agents ended at the beginning of this year, the AI track has been in a low-level consolidation. What do you think are the bottlenecks in the development of the Web3 AI field now? Is there hope for a return to the early year's boom?
Danny: Personally, I believe the bottleneck in the development of Web3 AI lies in the fact that there are currently no truly useful, life-changing products available.
First, the so-called "decentralized computing power" at this stage is more of a pseudo-issue. Running small language models on a decentralized network may be feasible, but running a truly meaningful large model like GPT-4 is completely unrealistic.
The real value of blockchain in the AI field lies in the "data layer," which is to protect user data sovereignty and privacy. Every question you ask on ChatGPT is providing it with data, and you cannot prevent it from accessing your history. Blockchain, especially using ZK (zero-knowledge proof) technology, can perfectly solve this problem, allowing users to safely let AI use their data with authorization.
However, the bottleneck is that ordinary users at this stage have not yet realized how important their data privacy is. People are still not aware of this.
Therefore, for the Web3 AI track to usher in a real boom, I believe we must wait for a "backward-compatible" moment. In other words, we need to wait for a traditional AI giant, such as OpenAI or Google, to realize the importance of user data privacy due to some catalyst (like a massive data leak scandal) and actively embrace blockchain technology to provide users with data protection features. This trend will definitely be led by traditional giants, rather than being driven from the bottom up by Web3 native projects. I believe this day is not too far off.
Disclaimer: This article represents only the author's personal views and does not represent the position or views of this platform. It is provided for information sharing only and does not constitute investment advice to anyone. Any dispute between users and the author is unrelated to this platform. If an article or image published on this page infringes your rights, please send the relevant proof of rights and identity to support@aicoin.com, and the platform's staff will verify it.