Bitfinex is seeking to strike a deal with the hacker or hackers who stole $65m in bitcoin from the exchange back in August.
The latest twist in the ongoing story comes nearly three months after Bitfinex lost roughly 120,000 BTC in the breach. The exchange was offline for days before restoring service and eventually electing to pursue a novel (and controversial) way to spread the loss among users.
Now, the exchange is seeking to recover the lost funds from the hacker in a bid to expedite their repayment by setting up a secure channel for communication.
Representatives of Bitfinex explained that while previous bounties had been offered for information on the theft, the Hong Kong-based company had not made any direct overtures to the hacker.
In a blog post today, Bitfinex did just that, setting up an email address, PGP key and public key server, while also offering instructions on why it believes the technical tools would enable the hacker to securely, and anonymously, contact the exchange.
Bitfinex chief strategy officer Philip Potter told CoinDesk:
"We wanted to offer clear instructions on how to communicate should the hacker feel there might be a better [or safer] way of getting paid at some fraction of the original theft amount."
Previously, Bitfinex had offered to give 5% of the value of the stolen bitcoins to anyone who provided information that could lead to the recovery of the funds.
As for how this affects attempts by Bitfinex to work with authorities, Potter was less clear, declining to comment. The exchange had previously revealed it was cooperating with the FBI and undisclosed European authorities following the hack.
On the size of the bounty, Potter was also not able to provide exact details, though he did suggest Bitfinex is willing to negotiate any final terms with the hacker.
"We are open to any arrangement that maximizes recovery for our customers," Potter explained. "We will consider any [and] all arrangements to that end."
Potter also spoke to what he saw as the value of the deal given that Bitfinex believes the stolen funds have not been exchanged or sold, and that doing so would be difficult given their public visibility on the bitcoin blockchain.
The funds, if received, could go a long way toward helping Bitfinex and its users recover from the theft.
Potter said the funds will be used to purchase the BFX tokens and Recovery Right Token (RRT) issued to investors as compensation for the breach. (More details can be found in an extended blog post for investors here).
According to company blog posts, roughly 2.5% of the outstanding digital IOUs issued to consumers have been so far redeemed.
If returned, the funds could also give a boost to the bitcoin market as a whole.
For example, market analysts continue to assert that the massive reduction in market supply caused by the theft has had an adverse effect on interest and sentiment, while at the same time reducing exchange liquidity.
In the past few months, the bitcoin market has also provided evidence to these claims, rising and falling sharply on what analysts suggest were likely single outsized trades.
Notably, the price of bitcoin has traded largely sideways since the incident, with data indicating that it has not yet recovered above its 31st July value of $654.98.
Phone image via Shutterstock