An unfinished storm.

Written by: Karen, Foresight News

On the evening of November 25, an address marked as the creator of RIF and URO on pump.fun issued Urolithin B (URO) tokens, leading many community members to mistakenly believe this was a token issued by pump.science. Urolithin B (URO) quickly 'graduated,' and within two minutes of joining the liquidity pool, its market capitalization once soared to 10 million dollars; however, it then began to decline, and its market capitalization has now fallen back to about 100,000 dollars.

This incident seems to have also affected the market performance of Urolithin A (URO) and Rifampicin (RIF), both of which fell more than 30% within 24 hours. So, what exactly is going on?

pump.science wallet key pair leaked

The incident was caused by the leak of pump.science's wallet key pair.

According to pump.science, due to an oversight in their GitHub repository, the wallet address T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc was attacked, and the attacker found the key pair in the website's source code. This key pair was used for testing purposes in pump.science's GitHub from the beginning, and the development team did not realize its importance.

From the fraudulent URO token page that appeared on pump.fun last night, it can be seen that the wallet address deploying this fake token is indeed T5j2UBTvLYPCwDP5MVkSALN7fwuLFDL9jUXJNjjb8sc. The pump.fun platform shows that this address had previously deployed the two official tokens Urolithin A (URO) and Rifampicin (RIF) off-chain, which currently have market capitalizations of about 87 million dollars and 37 million dollars, respectively.

Moreover, the fraudulent URO tokens were issued on-chain by the address starting with the leaked key pair T5j2UBT. This is precisely why it shows on pump.fun that the official URO and RIF token deployers released the new tokens.

pump.science stated that the wallet was marked as the off-chain token creator of URO and RIF on pump.fun, and the attacker may utilize this wallet to issue more tokens, with any other tokens issued by this wallet besides URO and RIF considered fraudulent.

It is worth noting that pump.science has not taken any remedial or compensatory measures for those users who mistakenly believed and took over the fraudulent URO tokens, which has raised widespread concern and discussion in the community.

The off-chain creation feature of pump.fun caused confusion in blockchain explorers and data tools.

Also raising questions in the community are the token creators displayed on pump.fun and blockchain explorers and data tools.

The official URO and RIF tokens from pump.science were created off-chain via pump.fun, while the fraudulent URO was created on-chain via pump.fun. However, blockchain explorer solscan shows that the deployer addresses for Urolithin A (URO) and Rifampicin (RIF) are: BLDRZQiqt4ESPz12L9mt4XTBjeEfjoBopGPDMA36KtuZ.

Next, let's first understand the off-chain token issuing function of pump.fun. On the pump.fun platform, off-chain token issuance is free, and the tokens will not be recorded on-chain immediately after issuance, but will only be recorded on-chain when the first buyer appears. The first buyer needs to pay the issuance cost of the tokens. Therefore, for the tokens created off-chain, the first buyer is usually mistakenly regarded as the deployer of the tokens by blockchain explorers such as solscan or GMGN.

For example, after the official URO and RIF tokens were created off-chain, the wallet address of the first buyer, BLDRZQiqt4ESPz12L9mt4XTBjeEfjoBopGPDMA36KtuZ, was mistakenly marked as the deployer of the tokens by solscan or GMGN.

Here, the author reminds investors to carefully distinguish and verify the tokens created on-chain and off-chain on pump.fun when investing in Meme tokens to avoid falling into fraudulent traps. Additionally, vigilance should be maintained against any potential tokens issued by the wallet starting with T5j2UBTvLY. At the same time, we hope that platform officials and token deployers can enhance security measures to prevent the recurrence of such fraudulent activities.