The RAMSES team is security focused and has an extensive background in information security. When there is an opportunity to safeguard user funds/rewards from potential malicious actors, we will take the necessary steps to resolve it. In this case, our team did not get a response rapidly, thus we had to move swiftly on our own.
On July 21th, 2023 at around 00:30 UTC, RAMSES had identified a vulnerability in Silo's code which allowed any bad actor to drain ALL $SILO funds within the incentives contract (~$45,000 at time of writing). Upon this discovery, our team worked on creating an accurate Proof of Concept (POC) to report in the Silo ImmuneFi bug bounty.
After we had completed the POC and verified that draining the entire balance was possible (See screenshots of tests below) we submitted our bug report to ImmuneFi.
Due to the nature of the situation, we took it upon ourselves to perform a white-hat operation; draining the $SILO incentives and sending it to the RAMSES Treasury for safekeeping.