Guys we hope to receive deep understanding today about the way the hacker succeeded to bypass our site security, as soon as we will get those final answers we will deliver them to you.
Make no mistakes we are devastated by the lost of funds however we still got enough ETH to produce a great project. The most important thing for us to do now is gain the community trust again. We are devoted now more then ever to do whatever it takes to secure your contribution and compensate everyone that participate. We need you to help us do that.
we are going to give everyone their CDT tokens. how when and where will be out as soon as we figure out all the details. There are many options how to do it and it is something that needs to be executed carefully, we do not want to do things quick now and be sorry later.
There are forms going around collecting all of your contribution details, please help us get those forms as quickly as possible so we can continue the process. As those google forms are controlled by few members on the team from different time zones the have different urls but they are effectively the same one.
Thanks
Ridiculous statement us on the whitelist do not want your CDT tokens we have been sold a project on false pretences and you have the opportunity to make that right by refunding the eth in exchange for our CDT tokens and burning them. If you really want to gain consumer confidence you will offer people this option you have our Eth not the hacker. Bancor offered the same opportunity when they were DDOS'd during the ICO.
You have also have not addressed this issue.
As sad as the theft was, the other investors get diluted against the agreed upon terms by doing this.
Apart from the obvious fact that the team's credibility just received a massive hit after ignoring all the well-intended advice regarding token sale best practices meaning the token will most likely lose a good chunk of its value right from the start, this compensation scheme is also wide open to game theoretic attacks.
If the above promise holds true, the attacker can simply send ETH to the fake address from another sufficiently uncorrelated and seemingly innocent address they own and mint "free" CDT, effectively emptying the pockets of the investor's base via downwards inflationary pressure on the price. This has zero cost on them. They just get more CDT, the more ETH they send to themselves.
Also, there is no way to disprove this was an inside job which means that you can't restrict the "compensation" to contributions made before the announcement because the insider(s) could have taken that into account.