From Rugs to Riches, RugDoc has been growing steadily as a tight-knit community and we are fortunately blessed to have you all along the journey with us.
Let’s face it – this is mostly because of you, our loyal fellow degens, that have made our platform the go-to place in DeFi and helped our goal of #MakingDeFiSafer.
Here’s a look back on some of the highs and lows of RugDoc’s inaugural year.
The Birth of RugDoc
In March 2021, RugDoc was born. Our focus was to make DeFi safer with a more community-led approach. In fact, here was our first official text announcement on our channel:
And with a much larger and loftier goal, we needed bigger tools.
And so, RugDoc officially started… with a Google Sheet.
It wasn’t anything fancy—just a simple spreadsheet where we reviewed yield farms using a free tool called Diffchecker and jotted down our thoughts.
But it worked.
Countless members of RugDoc’s community were saved from getting the rug pulled from their feet as we fired up our first danger announcements.
In fact, we were noticing many red flags left and right, so we decided to announce our first real potential rug alert:
Shortly after, Pulldogswap pulled the rug from underneath as the team ran off with users’ funds. But not those who listened to our first call.
It turns out, the community saw our potential…
The Growth of a Community
Our team grew, but so did the scammers.
Come April, we saw more and more projects aiming to steal users’ funds. Polygoat.Finance, even with a Solidity Audit in hand, blocked users from withdrawing their funds. In fact, all harvests went to a private wallet.
Our nuanced suggestion was to “GTFO and stay out – unstake and bail!”Alt Season is Here! (Caution Advised…)
Come June, famous writer Marie Lu’s quote rang true: “June will break your heart. I can see it already. She’ll shatter you into a million pieces.”
We saw so many rugs this month, it could have been mistaken for a house of ill repute.
From PolyWeed devs that set withdrawal fees to 98% to PolyButterfly which had codes in their masterchef that allowed them to steal staked tokens, chaos ensued.
Total stolen: 600.35 ETH (or over 1.5M $ at the time). A Code Cat comeback was imminent.
Novel ways of exploiting projects were unfolding, such as the exploit that allowed scammers to generate countless tokens, draining a liquidity pool in the process. Such farms affected by this exploit included KetchupSwap, Lokum, YBear, Piggy, CaramelSwap, GoCerberus, and Garuda.
But within darkness, there’s light!
Or, at least some kind vigilantes with Batman-levels of detective skills. A big shoutout goes out to CryptOgle and the team, who tracked down the scammers from the $22M StableMagnet exploit. After 2 grueling weeks, most of the money was finally recovered.
This was a huge highlight of the year, showcasing that there are some truly great people in DeFi. And speaking of highlights, we thought it was time for RugDoc’s Google Sheets to finally hit the sack in favor of our fresh, new website.
The Summer of Ups and Downs
In July, we hit a great milestone: our 1,000th review. We have to give credit to our reviewers who are all residents of New York – or, so we assume – because just like the city that never sleeps, they are working around the clock on these reviews to Make DeFi Safer!
We also gained more partners such as @ApeSwap and reviewed their platform as the 1,000th RugDoc review.
We also partnered up with our preferred auditor, @0xPaladinSec🛡! They are a RugDoc preferred auditor because they conduct thorough audits and help projects deploy safer contracts for users.
Rugdoc.io also officially partnered with @avalancheavax by bringing our peer review process to their chain and creating educational content for #AVAX users at wiki.Rugdoc.io! We also partnered with @iotex_io and the gaming metaverse, ProjectOasis!
Here are some more lows we faced, but tackled head-on as a community:
- FTM died as Tshares lost their peg
- plantvsundead (who still seem to be alive…) rugged
- @VeeFinance was exploited for $25M
- SaturnbeamFi on @MoonriverNW hardrugged
- @avaterrafinance suffered an exploit
- @CreamdotFinance was exploited for about $117M due to a bug in the $CREAM price oracle
- @AnubisDAO was exploited for ~$58M
RugDoc: In the Flesh
Of course, we’re mostly a digital-based community.
But this time, we had some in-person events to cover.
The Doc was asked to speak at DCentral Miami. The party didn’t stop there, as if you looked close enough, you could meet and greet us IRL as we co-hosted a few events during Art Basel like the Siren Pool Party, the 0xGenesis Yacht Party, and the Major Lazer show!
If you unfortunately missed out on those, there was some great swag to be had and found around Miami.
An Eventful End of Year
Sadly, we encountered a December to dismember as our calling became ever more clear with some new exploits:
- $120M was stolen in the @badgerdao exploit. This terrible experience serves as a lesson that even older, established DeFi projects can catastrophically fail and users can never afford to get too comfortable about their security.
- @BitMartExchange hot wallet was also actively being hacked and stolen under our eyes. This was the first time we’ve seen an entire hot wallet compromised. $200M was dumped and gone.
- @BNBHeroes soft rugged and dumped liquidity for a gain of ~$2M.
- Grim Finance was severely exploited for 30M after the #Fantom vault’s platform was exploited through a reentrancy vector. A combination of a bad audit, bad code, refusal to see the warning signs, and pride were the main culprits.
Ah well, you either win or you learn in DeFi.
Thank you, RugDoc fam for a wonderful 2021! We start 2022 with even more drive, determination, wisdom, and experience as when we first launched. We aren’t even a year old, and are excited to keep building to Make #DeFi a safer, more accessible space for all!
Signing off,
Team RugDoc