According to the announcement, the hackers stole 7.64 million USDC, the team injected 5.5 million USD of their own funds, and obtained additional liquidity through the Euler platform. Based on this calculation, the additional liquidity obtained through Euler amounted to approximately 2.14 million USD. Here's the first point of contention: YU is minted by staking YBTC. Obtaining $2.14 million through Euler means that the protocol staked more than $2.14 million of YU in Euler, which is backed by at least $3 million of BTC as collateral. If the $3 million worth of BTC belonged to the YALA team, why not simply exchange the BTC for USDT instead of paying a high interest rate to borrow from Euler? I can think of two possibilities: ① YALA's YU used as collateral for Euler does not have sufficient YBTC. ② The BTC corresponding to this portion of YBTC is not actually controlled by YALA (for example, through some kind of side agreement). The announcement also mentioned that some assets had been converted into Ethereum before trading resumed, but the subsequent price drop, coupled with the funds invested by the attackers, reduced the actual value of the restored assets. Herein lies the second point of contention: Based on an ETH price of 3000 USDT, the recoverable portion of the stolen funds is approximately $4.9 million. This means that recovered funds plus the project's own $5.5 million would exceed the $7.64 million shortfall. Given this situation, why couldn't the project team obtain the remaining $2.14 million in funding or a bridge loan through other means? After all, the project team has the ability to repay after the funds are recovered. I can think of three possibilities: ① The project team has no plans to resume operations, and any recovered funds will be used to repay their own capital first. ② The project's creditworthiness has been insufficient to secure additional funding, or other losses far exceed $2.14 million. Further investigation of YBTC data reveals that 99% of YBTC is controlled by three addresses, which also means that 99% of YU is controlled by these four addresses. Let's tentatively name them Address A through Address C. Next, we will analyze the behavior of each address one by one: Address A: Founded 39.35 million YU, repaid 17 million YU, net debt approximately 22 million YU, address balance 2.4 million YU. Address B: Minted 43.57 million YU, repaid 10 million YU, net debt 33.57 million YU, address balance 2.77 million YU. Most of the YU from Address B (approximately 30.15 million) flowed into contract 0x9593807414, which is Yala's Stability Pool. The current total deposits shown in the Stability Pool are 32.8 million YU. This means that Address B is also perfectly normal. Address C: A total of 32.5 million YU has been minted, 33.3 million YU has been repaid, and YBTC has been destroyed and BTC retrieved. All transactions are normal. Clearly, the problem lies with address A, so let's investigate further. Address A's transactions are highly complex, but overall, it net minted 28 million YU and obtained additional YU through other addresses. The vast majority of this YU has already flowed into various protocols. From Dabank, we can see other more interesting data: this address pledged a large amount of YU and PT, borrowing a total of $4.93 million in USDT and USDC from Euler. Clearly, these three loans were effectively defaulted on after YU fell to $0.15. This address used a small amount of U to purchase YALA 12 days ago, and also made a partial repayment to Euler. Given that the team mentioned "injecting $5.5 million" and obtaining additional liquidity through the Euler platform, this address is very likely the team's operating address, and we now know that the team obtained approximately $4.9 million in liquidity from Euler. This is a dividing line. The above is objective data and facts. What follows is my speculation and may not be accurate. (1) YALA obtained approximately 500 illegal YBTC through some means (meaning that YALA had no substantial control over the corresponding 500 BTC) and used these 500 YBTC to mint 28 million YU (which we will call illegal YU for now). These illicit funds may have been used for other purposes in the past, such as obtaining airdrops, providing DEX liquidity, or depositing into Pendle, but that's not important. I think the reason why 500 YBTC is illegal is simple: if you have $50 million of BTC at your disposal, you wouldn't take out a high-interest loan for a $7.64 million funding need. (2) After the hackers stole 7.64 million USDC, YALA used some of the illicit YU to obtain a loan of about 4.9 million USD from Euler, while also providing some of its own funds in an attempt to get the agreement back on track. One problem here is that the $5.5 million in equity funds claimed in the agreement plus the $4.9 million in illicit loans totals more than $7.64 million in funding shortfall. There are also many potential possibilities, such as the $5.5 million figure being exaggerated or a portion of the Euler loan being returned to the provider of the $5.5 million. (3) After the hacker was arrested, due to some factors, the recoverable funds were far less than US$7.64 million, such as the previously mentioned US$4.9 million (considering the disposal process, the actual recoverable funds were even lower). In this case, the YALA protocol would still bear a loss of more than US$2.7 million. In this situation, address A chose to default, shifting the losses to Euler, but at the cost of the YALA protocol going bankrupt and ceasing operations. (4) Who is the instigator? As mentioned before, more than 99% of YALA and YU are held by three addresses (plus one bfBTC depositor). Addresses B and C do not have any net inflow or outflow of YU and are not involved in the whole thing. BTC depositors will not suffer any losses; they simply need to repay YU and retrieve their BTC. The losers are holders of YU and its derivative assets, as well as Euler depositors. This money flowed to address A, ultimately benefiting the YALA team. They shifted the losses onto the users, and even profited if the team embezzled the $4.9 million from the judicial proceedings. Of course, all of this is based on the assumption that address A belongs to the YALA Team.According to the announcement, the hackers stole 7.64 million USDC, the team injected 5.5 million USD of their own funds, and obtained additional liquidity through the Euler platform. Based on this calculation, the additional liquidity obtained through Euler amounted to approximately 2.14 million USD. Here's the first point of contention: YU is minted by staking YBTC. Obtaining $2.14 million through Euler means that the protocol staked more than $2.14 million of YU in Euler, which is backed by at least $3 million of BTC as collateral. If the $3 million worth of BTC belonged to the YALA team, why not simply exchange the BTC for USDT instead of paying a high interest rate to borrow from Euler? I can think of two possibilities: ① YALA's YU used as collateral for Euler does not have sufficient YBTC. ② The BTC corresponding to this portion of YBTC is not actually controlled by YALA (for example, through some kind of side agreement). The announcement also mentioned that some assets had been converted into Ethereum before trading resumed, but the subsequent price drop, coupled with the funds invested by the attackers, reduced the actual value of the restored assets. Herein lies the second point of contention: Based on an ETH price of 3000 USDT, the recoverable portion of the stolen funds is approximately $4.9 million. This means that recovered funds plus the project's own $5.5 million would exceed the $7.64 million shortfall. Given this situation, why couldn't the project team obtain the remaining $2.14 million in funding or a bridge loan through other means? After all, the project team has the ability to repay after the funds are recovered. I can think of three possibilities: ① The project team has no plans to resume operations, and any recovered funds will be used to repay their own capital first. ② The project's creditworthiness has been insufficient to secure additional funding, or other losses far exceed $2.14 million. Further investigation of YBTC data reveals that 99% of YBTC is controlled by three addresses, which also means that 99% of YU is controlled by these four addresses. Let's tentatively name them Address A through Address C. Next, we will analyze the behavior of each address one by one: Address A: Founded 39.35 million YU, repaid 17 million YU, net debt approximately 22 million YU, address balance 2.4 million YU. Address B: Minted 43.57 million YU, repaid 10 million YU, net debt 33.57 million YU, address balance 2.77 million YU. Most of the YU from Address B (approximately 30.15 million) flowed into contract 0x9593807414, which is Yala's Stability Pool. The current total deposits shown in the Stability Pool are 32.8 million YU. This means that Address B is also perfectly normal. Address C: A total of 32.5 million YU has been minted, 33.3 million YU has been repaid, and YBTC has been destroyed and BTC retrieved. All transactions are normal. Clearly, the problem lies with address A, so let's investigate further. Address A's transactions are highly complex, but overall, it net minted 28 million YU and obtained additional YU through other addresses. The vast majority of this YU has already flowed into various protocols. From Dabank, we can see other more interesting data: this address pledged a large amount of YU and PT, borrowing a total of $4.93 million in USDT and USDC from Euler. Clearly, these three loans were effectively defaulted on after YU fell to $0.15. This address used a small amount of U to purchase YALA 12 days ago, and also made a partial repayment to Euler. Given that the team mentioned "injecting $5.5 million" and obtaining additional liquidity through the Euler platform, this address is very likely the team's operating address, and we now know that the team obtained approximately $4.9 million in liquidity from Euler. This is a dividing line. The above is objective data and facts. What follows is my speculation and may not be accurate. (1) YALA obtained approximately 500 illegal YBTC through some means (meaning that YALA had no substantial control over the corresponding 500 BTC) and used these 500 YBTC to mint 28 million YU (which we will call illegal YU for now). These illicit funds may have been used for other purposes in the past, such as obtaining airdrops, providing DEX liquidity, or depositing into Pendle, but that's not important. I think the reason why 500 YBTC is illegal is simple: if you have $50 million of BTC at your disposal, you wouldn't take out a high-interest loan for a $7.64 million funding need. (2) After the hackers stole 7.64 million USDC, YALA used some of the illicit YU to obtain a loan of about 4.9 million USD from Euler, while also providing some of its own funds in an attempt to get the agreement back on track. One problem here is that the $5.5 million in equity funds claimed in the agreement plus the $4.9 million in illicit loans totals more than $7.64 million in funding shortfall. There are also many potential possibilities, such as the $5.5 million figure being exaggerated or a portion of the Euler loan being returned to the provider of the $5.5 million. (3) After the hacker was arrested, due to some factors, the recoverable funds were far less than US$7.64 million, such as the previously mentioned US$4.9 million (considering the disposal process, the actual recoverable funds were even lower). In this case, the YALA protocol would still bear a loss of more than US$2.7 million. In this situation, address A chose to default, shifting the losses to Euler, but at the cost of the YALA protocol going bankrupt and ceasing operations. (4) Who is the instigator? As mentioned before, more than 99% of YALA and YU are held by three addresses (plus one bfBTC depositor). Addresses B and C do not have any net inflow or outflow of YU and are not involved in the whole thing. BTC depositors will not suffer any losses; they simply need to repay YU and retrieve their BTC. The losers are holders of YU and its derivative assets, as well as Euler depositors. This money flowed to address A, ultimately benefiting the YALA team. They shifted the losses onto the users, and even profited if the team embezzled the $4.9 million from the judicial proceedings. Of course, all of this is based on the assumption that address A belongs to the YALA Team.