Completely baffles me how they could have overlooked that mint function despite having their smart contract audited thrice. Either the companies that audited the contract are grossly incompetent or there's collusion somewhere.
Don't know which is more terrifying.
Stealing this from here. But...
From their official response here:
https://medium.com/oysterprotocol/oyster-update-b813390ce10e
Or more so this quote:
Despite Oyster passing three separate smart contract audits, we were told by Bruno Block, the original founder and chief architect of the project, that the directorship of the token contract had to remain open so that the peg could be adjusted over time.
It's clear they actually knew that the minting function existed, but were told by "Bruno" that it was necessary to keep it there. So essentially three times, they were probably told that this minting function was dangerous but were told by the architect to keep it (who then stole 300k USD worth of tokens).