Optimism Attacker Returns 17M Stolen OP Tokens

The attacker behind the recent theft of 20 million Optimism (OP) tokens returned 17 million of them on Friday. The funds were returned to an address belonging to Optimism, the Ethereum rollup provider, over the course of 17 transactions.

"We see today’s news as a very positive development," Wintermute founder and CEO Evgeny Gaevoy told CoinDesk. "The Optimism foundation has been made whole and can focus on building and growing the ecosystem. The person who discovered the exploit chose to wear a white hat, setting a good precedent for the whole crypto community."

According to a tweet from Optimism, 2 million tokens were retained by the attacker as a bounty.

Before returning the tokens, the attacker sent an on-chain message to Ethereum co-founder Vitalik Buterin stating their willingness to return the full 18 million OP in their possession.

Previously, the attacker cashed out 1 million OP and sent an additional 1 million to Buterin, who is working to return the funds according to Optimism. At press time, 1 million tokens, worth close to $900,000, remained in the attacker’s wallet, blockchain data shows.

Optimism is a layer 2 rollup chain for Ethereum that helps scale the network with its quick transactions and low fees. It launched the OP governance token last month in a bid to shift towards greater community control.

The attacker managed to get a hold of OP tokens that were supposed to go to Wintermute, a crypto market maker that partnered with Optimism for “liquidity provisioning services” in the run-up to the token’s introduction. Trouble came when Wintermute mistakenly provided Optimism with an Ethereum address, rather than an Optimism address, to receive the loaned-out funds.

Before Wintermute could retrieve the funds, the attacker set up their own wallet at the address where Optimism sent the 20 million tokens.

In a statement released two days ago, Wintermute said it would not pursue legal action against the attacker if the funds were returned within a week.

"Wintermute, while having to accept the bounty as a loss, can now fully focus on providing liquidity for the OP token," Gaevoy told CoinDesk on Friday. "We are incredibly grateful to Optimism team for constructively working with us during this crisis and are excited about a number of future initiatives we are looking to do to support Optimism ecosystem."