Ethereum-based gambling site, Fairwin, was accused of running a Ponzi scheme or a Pyramid scheme via its blockchain platform. Fairwin also equips users with a fairly simplistic way to invest in Ethereum, and earn from dividends and referrals.
Reportedly, some papers by Etherscan (a leading search engine that allows users to effortlessly lookup, verify and validate transactions that took place on an Ethereum Blockchain) accused the smart contract wallet of FairWin, the gambling game based on Ethereum, of being a ‘Ponzi scheme.’
Recently, Clément Lesaege, a blockchain dispute resolution layer, traveled to the Ethereum Reddit, to warn the betting site after a thorough examination of their system’s workings. The investigation revealed that Fairwin had either established a Ponzi scheme deliberately or had no knowledge of its existence.
Furthermore, Lesaege also uncovered ambiguity in their smart contract’s code, which could be exploited at will, by Fairwin operators, to run a Pyramid scheme or an escape scam.
The operators could employ the escape scheme and transfer all and any amount of balance to their accounts at will. They could even refuse to pay the promised potential dividends to the investors.
Thank you for your suggestion. We have already found the vulnerability, but we don’t think it is a vulnerability. The contract is judged and the invitation code generated by the user for the first time will be used as the final invitation code. So the loophole is invalid. In addition, we have real-time monitoring on our side. Once it is entered, it will be invalid. The intruder, we will alert at the first time, and then exclude the intruder.
This was followed by a chain of sudden-succession of withdrawals from the contract wallets, resulting in it to be empty. The withdrawals took place within a couple of days and amounted to around $3 million Ethereum.
These sudden withdrawals from multiple Ethereum accounts could be a result of either, creditors removing money from their accounts, or the work of the Ponzi scheme operating in the background.
Previously, critical loopholes were found in a game by Philippe Castonguay. Castonguay informed that three main vulnerabilities were discovered- “one allowing the owner/admin of the contracts to totally drain [the smart contract containing $8 million in ether], one where the admin can prevent users from withdrawing forever and one where anyone, not just the owner, can steal new deposits,” Back then, the smart contract held over $8 million Ethereum which was fully emptied by creditor or a scam scheme.