OpenTensor Foundation: Establishing mechanisms to ensure fund security and will restore normal operation of the Bittensor chain as soon as possible

Odaily News The OpenTensor Foundation said in a post on X that the team is committed to restoring the normal operation of the Bittensor blockchain as soon as possible. The current priority is to ensure the security and integrity of the system, to ensure that no additional wallets are compromised and no more funds are at risk. Officials said they are continuing to work on a mechanism to ensure the safety of funds at risk. Yesterday, regarding the root cause of the Bittensor on-chain attack, the OpenTensor Foundation said that the attack was traced back to PyPi Package Manager version 6.12.2, in which a malicious package was uploaded, endangering user security. The malicious package disguised as a legitimate Bittensor package contains code for stealing unencrypted cold key details. When a user downloads this package and decrypts their cold key, the decrypted bytecode is sent to a remote server controlled by the attacker. Those affected are mainly users who downloaded the Bittensor PyPi package and performed transfers, pledges, delegations, and other operations between May 22 and 29. Regarding mitigation measures, the OTF team has removed the malicious 6.12.2 version package from the PyPi package manager library. OTF has been conducting a detailed review of the Subtensor and Bittensor code on Github to ensure that there are no additional attack vectors, and no additional vulnerabilities have been found. The OTF team will continue to thoroughly review and evaluate the code base and conduct a comprehensive assessment of all other possible attack vectors. The OTF is also working with multiple exchanges to provide them with details of the attack so that the attacker can be tracked and the stolen funds can be recovered as much as possible. OTF pointed out that the attack did not affect the blockchain or Subtensor code, and the underlying Bittensor protocol remains intact and secure. After the code review is completed, Opentensor will gradually restore the normal operation of the Bittensor chain to make transactions smooth again.