TechFlow reported, citing DL News, that according to Aaron Li, an ecosystem participant of the public blockchain project Harmony, in December 2023, a vulnerability in Harmony's staking contract caused some stakers to receive an excess of 150 million ONE tokens, worth approximately $2.2 million.
When users chose to withdraw their staked ONE, they would receive their stake back after several days, and then continue receiving the same amount of ONE in each subsequent "epoch."
Aaron Li criticized the Harmony team for failing to respond directly to the reported vulnerability within five days, allowing the issue to escalate. Eventually, Aaron Li implemented a temporary fix on December 12. On the other hand, Harmony software engineer Casey Gardiner accused Aaron Li of not reporting the vulnerability promptly and of selling ONE tokens during the period when the vulnerability existed.




