Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. He owns ETH, BTC and MATIC.

The attacker behind the recent theft of 20 million Optimism (OP) tokens returned 17 million of them on Friday. The funds were returned to an address belonging to Optimism, the Ethereum rollup provider, over the course of 17 transactions.

"We see today’s news as a very positive development," Wintermute founder and CEO Evgeny Gaevoy told CoinDesk. "The Optimism foundation has been made whole and can focus on building and growing the ecosystem. The person who discovered the exploit chose to wear a white hat, setting a good precedent for the whole crypto community."

According to a tweet from Optimism, 2 million tokens were retained by the attacker as a bounty.

Before returning the tokens, the attacker sent an on-chain message to Ethereum co-founder Vitalik Buterin stating their willingness to return the full 18 million OP in their possession.

“Hello, Vitalik, I believe in you, just want to know your opinion on this. BTW, help to verify the return address and I will return the remaining after you.
And hello Wintermute, sorry, I only have 18M and this is what I can return.
Stay Optimistic!”


Previously, the attacker cashed out 1 million OP and sent an additional 1 million to Buterin, who is working to return the funds according to Optimism. At press time, 1 million tokens, worth close to $900,000, remained in the attacker’s wallet, blockchain data shows.

Optimism is a layer 2 rollup chain for Ethereum that helps scale the network with its quick transactions and low fees. It launched the OP governance token last month in a bid to shift towards greater community control.

The attacker managed to get a hold of OP tokens that were supposed to go to Wintermute, a crypto market maker that partnered with Optimism for “liquidity provisioning services” in the run-up to the token’s introduction. Trouble came when Wintermute mistakenly provided Optimism with an Ethereum address, rather than an Optimism address, to receive the loaned-out funds.

Before Wintermute could retrieve the funds, the attacker set up their own wallet at the address where Optimism sent the 20 million tokens.

In a statement released two days ago, Wintermute said it would not pursue legal action against the attacker if the funds were returned within a week.

"Wintermute, while having to accept the bounty as a loss, can now fully focus on providing liquidity for the OP token," Gaevoy told CoinDesk on Friday. "We are incredibly grateful to Optimism team for constructively working with us during this crisis and are excited about a number of future initiatives we are looking to do to support Optimism ecosystem."


Read more about

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. He owns ETH, BTC and MATIC.

CoinDesk - Unknown

Sam is a reporter at CoinDesk focused on decentralized technology, DeFi and DAOs. He owns ETH, BTC and MATIC.