Kautuk Kundan, the founder and CEO of Stackr Labs says he hacked Atari’s latest crypto arcade game — built on Coinbase’s Ethereum layer-2 network Base — to prove that its Asteroids game was not built on a blockchain despite the claiming to be “on-chain.”
In an Aug. 6 post to X, Kundan shared that he and his team at Stackr Labs had sabotaged the leaderboard of Atari’s recently launched Asteroids game without playing a single game.
We hacked @base and @atari’s arcade and sabotaged the leaderboard without playing a single game -
— Kautuk ⟠ (@Kautukkundan) August 5, 2024
And this is why people have trust issues with crypto apps ♂️
“On-chain” is becoming a throwaway term for a majority of consumer tech. As a community, we should be doing better than… pic.twitter.com/nAiMPi7cSs
“The game is not actually on-chain. When the user starts the game nothing happens on-chain, at the end of the game when you get a score, you state that score and you put in an API call,” Kundan said.
Instead of playing the game and earning a genuine score, Kundan said he manipulated the official scoreboard of the game simply by sending “API calls to Web2 servers” — something that proves the game is not actually “on-chain” at all.
Additionally, he promised that while he and his team had not touched any other scores on the leaderboard, he suggested other actors may not have been as noble and could’ve easily manipulated their scores to rank higher on the list.
Atari launched the Asteroids game in partnership with Coinbase layer-2 Ethereum network Base on July 25, with players being offered the chance to play the retro arcade game and climb the leaderboard to win prizes including a $1,000 Atari gift card.
Related: Play-to-earn games are the reason ‘real’ gamers hate crypto: Atari founder
“Even if the app runs off-chain, it should produce commitments that are on-chain verifiable,” Kundan said.
Kundan used the example to push something called Proof of Gameplay — an Ethereum roll-up system developed by his own firm Stackr — saying that if games and products want to call themselves “on-chain” they should be verifiable on the blockchain itself.
He reiterated that the hack was not a “negative call-out” but instead it was an “attempt to improve upon, and find solutions for persistent problems,” in crypto applications.
Magazine: How crypto bots are ruining crypto — including auto memecoin rug pulls