Optimism Attacker Returns 17M Stolen OP Tokens

The attacker was rewarded with 2 million of the tokens as a bounty.

AccessTimeIconJun 10, 2022 at 3:26 p.m. UTC
Updated Jun 11, 2022 at 12:16 a.m. UTC
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

Sam is CoinDesk's deputy managing editor for tech and protocols. He reports on decentralized technology, infrastructure and governance. He owns ETH and BTC.

Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

The attacker behind the recent theft of 20 million Optimism (OP) tokens returned 17 million of them on Friday. The funds were returned to an address belonging to Optimism, the Ethereum rollup provider, over the course of 17 transactions.

"We see today’s news as a very positive development," Wintermute founder and CEO Evgeny Gaevoy told CoinDesk. "The Optimism foundation has been made whole and can focus on building and growing the ecosystem. The person who discovered the exploit chose to wear a white hat, setting a good precedent for the whole crypto community."

According to a tweet from Optimism, 2 million tokens were retained by the attacker as a bounty.

Before returning the tokens, the attacker sent an on-chain message to Ethereum co-founder Vitalik Buterin stating their willingness to return the full 18 million OP in their possession.

“Hello, Vitalik, I believe in you, just want to know your opinion on this. BTW, help to verify the return address and I will return the remaining after you.
And hello Wintermute, sorry, I only have 18M and this is what I can return.
Stay Optimistic!”


Previously, the attacker cashed out 1 million OP and sent an additional 1 million to Buterin, who is working to return the funds according to Optimism. At press time, 1 million tokens, worth close to $900,000, remained in the attacker’s wallet, blockchain data shows.

Optimism is a layer 2 rollup chain for Ethereum that helps scale the network with its quick transactions and low fees. It launched the OP governance token last month in a bid to shift towards greater community control.

The attacker managed to get a hold of OP tokens that were supposed to go to Wintermute, a crypto market maker that partnered with Optimism for “liquidity provisioning services” in the run-up to the token’s introduction. Trouble came when Wintermute mistakenly provided Optimism with an Ethereum address, rather than an Optimism address, to receive the loaned-out funds.

Before Wintermute could retrieve the funds, the attacker set up their own wallet at the address where Optimism sent the 20 million tokens.

In a statement released two days ago, Wintermute said it would not pursue legal action against the attacker if the funds were returned within a week.

"Wintermute, while having to accept the bounty as a loss, can now fully focus on providing liquidity for the OP token," Gaevoy told CoinDesk on Friday. "We are incredibly grateful to Optimism team for constructively working with us during this crisis and are excited about a number of future initiatives we are looking to do to support Optimism ecosystem."

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Sam is CoinDesk's deputy managing editor for tech and protocols. He reports on decentralized technology, infrastructure and governance. He owns ETH and BTC.


Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.


CoinDesk - Unknown

Sam is CoinDesk's deputy managing editor for tech and protocols. He reports on decentralized technology, infrastructure and governance. He owns ETH and BTC.


Read more about