Yuga Labs has removed its ability to mint an infinite number of Bored Ape Yacht Club non-fungible tokens (NFTs), more than a year after it first said it would do so — removing a potential hack vulnerability that could have seen new Apes flood the market.
“The contract owner has now been burned. While we’d been meaning to do this for a long time, we hadn't out of an abundance of caution. Felt comfortable doing it now. All done,” a Yuga Labs co-founder and developer known as EmperorTomatoKetchup said on Twitter.
EmperorTomatoKetchup and another Yuga Labs co-founder known as Gargamel provided a link to the transaction where the code was revoked, with a timestamp of 7:07 p.m. ET on June 7.
The issue was raised as early as June 2021, when NonFungibles CEO Dan Kelly pointed out on Twitter that, according to code on the Ethereum blockchain, it was possible for Yuga Labs, the company behind the popular NFT collection, to mint as many Bored Apes as it liked. At the time, the official Bored Apes Twitter account replied that it was obviously never going to run that code and that it was planning to revoke the ability to use it in a few days.
Cut to June 5, 2022, and this still hadn’t happened. An NFT developer known as foobar noted that this code still existed and that Yuga Labs had never revoked it.
Having this code revoked might be of relief to Bored Ape holders since the project has frequently been targeted with phishing attacks. Just four days ago, its official Discord server was hacked — for at least the second time this year — and 200 ETH ($357,000) worth of NFTs were stolen from users.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.