Grand Base: Deployer wallet private key leak → unauthorized token minting → dump

Summary #

Grand Base suffered a RWA / Tokenized Assets on 2024-04-15, resulting in a loss of approximately $2M.

What happened #

Grand Base lost $2M when a developer's hacked PC exposed the deployer wallet, which held unlimited minting rights over the token contract with no multisig or timelock protection.

Linked factors #

• RD-F-004 — causal : Audit count likely 0; floor display [via dashboard_risk_factors/Vulnerability in audited or unaudited code: Unaudited code; root cause is key management failure not a code bug]
• RD-F-006 — causal : Audit-deploy gap (RD-F-006 time between audit and deploy) [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: N — token contract had existing minting rights; no new deployment] || Audit-deploy gap — alternate field name [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: N — token contract had existing minting rights; no new deployment]
• RD-F-027 — causal : ★ Single admin EOA (not multisig, not timelock) [via cross-hack: Factor 18: Single Admin Key With No On-Chain Delay] || ★ Single admin EOA — when value mentions key compromise [via realtime_signals/Governance/admin action: Y — unauthorized token minting by compromised deployer key (effective admin action)]
• RD-F-032 — related : Timelock duration on upgrades = 0 [via cross-hack: Factor 18: Single Admin Key With No On-Chain Delay]
• RD-F-101 — illustrative : Large governance proposal queued — RT signal would have fired [via realtime_signals/Governance/admin action: Y — unauthorized token minting by compromised deployer key (effective admin action)]
• RD-F-146 — related : New deploys in last 30 days — fresh attack surface [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: N — token contract had existing minting rights; no new deployment]