One thing that has always amazed me is how much talent BitmapPunks managed to gather. Despite its small market cap, it drew the attention of so many skilled cyber nomads. I remember how low our expectations were at launch. Our best estimate was that it would take two weeks to fully mint. Instead, the TGE completed in under 14 hours. When we dug into it, we found that many were minted by bots. Bots in a mint were nothing new in crypto, but what surprised me was how fast they were built. And it didn't stop there. Soon after the native market launched, someone deployed rare-NFT sniping bots so fast they could snipe the rare ones in the very same block they became available. People were putting MEV-level skill to work here for just a few bucks. On one hand, I felt proud and honored that this project attracted some of the most talented geeks in the space. On the other, I always carried this quiet worry that no mistake we made would ever escape their eyes. This week, that nightmare came true. What cripples me isn't the financial loss — it's the loss of faith to build something new for this space. I've always had ideas I wanted to bring to life, and so far I've realized maybe 5% of them. Now I have to force myself to stop. Given the pace of AI progress, everything we build suddenly feels so fragile. We're going to pause here until we have a plan we're truly confident can survive. Looking back, I feel grateful that one of the best decisions I made was turning down various collabs that could have driven short-term hype. Otherwise, the damage today would have hurt far more people. I know many of my close friends bought heavily from the secondary market. I'm sorry this project didn't reward you financially. And to the many of you still using your BitmapPunks as your PFP across your profiles — I want to express my deepest appreciation. It means more than you know. Many have suggested an airdrop based on a snapshot taken before the hack. Technically, this is possible. But no one can guarantee that a new contract would be perfect and unhackable. As much as we emotionally want to do it — to shake off this feeling of defeat — we won't rush into it. Right now, the team's focus is working with security teams to track down the attackers. If we manage to recover any funds, or if the hacker is willing to negotiate, every recovered dollar will go toward giving BitmapPunks the best possible chance to get back on its feet. Fingers crossed, and back to work.

BitmapPunks的账务状态像一条死胡同，超额铸造让TVL直接归零。ERC-721降级好比砍掉引擎换帆船，共识脆弱时修复成本常高于重建。代币经济的基础设施补丁能撑多远？

Floor Protocol V2 与 BitmapPunks 今天遭到攻击 Yuga Labs 紧急介入，救回超过 50 万美元的 NFT 这不是 Floor Protocol @floorprotocol 第一次被盗。2023 年 12 月，Floor Protocol 曾因外围 multicall 合约漏洞遭攻击，多枚 BAYC、Pudgy Penguins 等蓝筹 NFT 被转走；当时主合约与 vault 未受影响，团队也承诺补偿用户 这次问题出在 @bitmappunksnft 的 fpToken / $BMP 与底层 NFT 的兑换机制。攻击者利用合约的压缩记账漏洞，构造特殊 token id，让协议在检查 NFT 所有权时误判他拥有相关权益，后续又触发余额计算错误。原本余额不足应该交易失败，结果系统把攻击者的余额从 0 算成极大数字，形成近乎无限的 fpToken 余额 攻击者随后把 fpToken 价格砸到接近 0，并抽走池子里的流动性；套利者开始低价买入代币，再拿去兑换底层 NFT 并出售获利 @yugalabs 后续发现，同类漏洞可能继续影响更多 Floor 池子，于是由其 Blockchain VP @0xQuit 执行白帽救援，最终救回 68 个 NFT，包括 BAYC、MAYC、CryptoPunks、Azuki 等蓝筹资产。目前这些 NFT 已由 Yuga Labs 托管，后续会在解决方案确定后归还给原持有人 协议可以转型，产品可以休眠，但链上合约不会自动退休。只要旧合约还能被调用、池子里还有资产，就可能在某一天重新成为攻击入口

BitmapPunks 联创 FreeLunchCapital 表示，攻击者通过超额铸造 BMP 耗尽流动性池后，项目底层账务系统已进入无效状态，无法仅通过修复漏洞恢复。团队正进行全面代码审查并研究补救方案，未来可能移除大部分基于 ERC-721 的高级功能以降低安全风险。wublock123.com/news/bitmappu…

1/ An update on BitmapPunks ($BMP): As mentioned in the previous thread, BitmapPunks was the other project hit in this attack. The attacker drained the liquidity pools by minting an excessive amount of $BMP, and the damage went well beyond the market cap.

Have you communicated at all with BitMapPunks since the exploits? I see zero updates or announcements. Also can you explain why higher ticket NFTs were not prioritized in the exploit extraction? Wouldn’t it make sense that those would be the first to move and not Nakamigos?

2/ Despite multiple rounds of security reviews, an attacker exploited a vulnerability to mint excess fungible tokens and redeem all NFTs held by the FloorProtocol contract. The same vector was used against BitmapPunks, draining the liquidity pools supplied by the team.

1/ Today, an exploit occurred affecting FloorProtocol V2 and BitmapPunks. Both projects share a similar core contract structure: all fungible tokens issued are pegged 1:1 to the NFTs locked in the contract, allowing users to convert back and forth freely.

Some of you found the GitHub repo. Even fewer found the NPM package — the one that lets any site or AI agent pull the entire BitmapPunks PFP collection. The signal is quiet on purpose. "Few" is the feature. And it keeps growing — steadily.

We build BitmapPunks for everyone

A few team members have departed to pursue new paths. Rather than simply hiring replacements and restoring the old routine, BitmapPunks is entering a transition unlike anything we've attempted before — we're exploring the possibility of running this project with AI. This is new territory for all of us. Will you stay and see what's possible, or step away before the story unfolds?

BitmapPunks turns 1 year old in a few hours. One year ago, we made history by breaking Ethereum, pushing gas prices to nearly 30 gwei during our launch. The following months saw us pioneer groundbreaking features - native marketplace, seeding, unboxing, and more. 6 months ago, we made the bold move to BSC. It wasn't an easy decision, but our innovative hybrid bridge implementation proved flawless. We landed on BSC just as $BNB reached its historic milestone, breaking the 4-digit USD mark for the first time. Throughout this journey, our community has evolved. Some joined us, others moved on. People came for different reasons: our technological innovation, artistic vision, and determination to reshape the space. Yet we acknowledge our challenges with product-market fit. In a crypto landscape where metas shift instantly, we've stayed true to our core identity rather than chasing trends. We remain committed to our vision: building an elegant on-chain PFP collection. While we may not be your most profitable investment, we're the builders who stay when others leave, the innovators who create when others copy, and the dreamers who persist when others quit. Happy New Year, fellow pioneers. Let's build something timeless.

A few months ago, we launched a simple game - think Candy Crush with BitmapPunks elements. Our expectations were modest; we thought people would play a few rounds and move on. The response surprised us. Despite its simplicity, we maintained 3-digit engagement, with people regularly returning to kill time. While it wasn't designed for profit, seeing our community enjoy it was deeply rewarding. So we decided to level up. In less than 24 hours, you'll experience a new version of BitmapCrush with 10x more content. Consider it our thank you gift to everyone who's stayed with us through this journey. Get ready to crush!

Just thought I’d post this here 👀 🔥 #BitMapPunks #NFT #NFTdrops 🚀YOU DON’T WANT TO MISS OUT!! bitmappunks.com/market