TLDR; Team replaced anonymous CEO, contract was vulnerable, old anonymous CEO minted 3m new tokens, dumped them and sailed off into the sunset.

Surprisingly the story regarding the Oyster Pearl exit scam doesn’t seem to be getting as much attention as one might have expected. The story is a simple one which has been told time and time again in the crypto-space. In basic layman’s terms the story is this: the CEO of a cryptocurrency has pulled a fast one and made a swift exit with a lot of money.

While that is the long and short of it all, it doesn’t exactly paint the full picture as to what has actually happened over at the PRL camp. So let me try and explain.

What actually happened?

If you aren’t already aware, yesterday (29/10/2018), in the early evening, investors in the PRL ERC20 token were enjoying the benefits of a significant price bump which had been continuing for the best part of a week. The price bump saw the PRL token reach a high price of roughly $0.25 which obviously sent investors to the market for their own personal reasons.

However, during the evening, investors and token holders were quickly reminded of the risks of cryptocurrency industry when the token’s value plummeted all the way down to $0.07 and all trading was halted on the popular exchange, KuCoin.

This price dump and halting of trading was followed by a Tweet from the Oyster PRL team who stated that their contract had not been breached and reminded their following of its passed audits. Their update also wen to announce the fact that their previous CEO, Bruno, had transferred ownership of their smart contract…. after minting a further 3 million PRL tokens and dumping them, and that this was the obvious reason for the drop in value/halt of trading on KuCoin.

How did it happen?

As it turns out, having a poorly designed smart contract and a completely anonymous CEO (when I say completely anonymous I mean to the point that staff working with him/her for 10 months do not know his/her identity) is a recipe for disaster.

The long and short of the mechanics behind the exit scam are as follows: the Oyster PRL smart contract had a function which allowed for their ICO to be reopened if the correct function was called by an Ethereum account which possessed the correct privileges. Knowing that he/she was about to be replaced, the enigmatic Bruno decided to exercise his/her authority and mint 3 million PRL tokens which were then subsequently dumped for ETH and BTC.

Since the dumpening took place Bruno has, obviously, disappeared and the PRL team are left to pick up the pieces.

Why did it happen?

As already touched upon in this article, the exit scam was only made possible by the fact that the Oyster Pearl team protected the identity of their CEO while failing to notice, or fix, the vulnerability in their Ethereum smart contract. This is literally a result of the perfect mix of both naivety and greed.

What is next?

At present the remaining PRL team are attempting to migrate their smart contract and return its state to that of just before the damning events took place. While this would rectify the numbers for total supply etc it will do very little in the way of restoring confidence in the companies token holding community.

The Oyster team have issued an official statement on the issue which I have linked below but, for now at least, it appears this could be a project which will, ultimately, end up being abandoned. Typical, just after I bought a load.

Happiness?