Optimism Attacker Returns 17M Stolen OP Tokens
The attacker was rewarded with 2 million of the tokens as a bounty.
Jun 10, 2022 at 3:26 p.m. UTC
/arc-photo-coindesk/arc2-prod/public/LXF2COBSKBCNHNRE3WTK2BZ7GE.png)
The attacker behind the recent theft of 20 million Optimism (OP) tokens returned 17 million of them on Friday. The funds were returned to an address belonging to Optimism, the Ethereum rollup provider, over the course of 17 transactions.
"We see today’s news as a very positive development," Wintermute founder and CEO Evgeny Gaevoy told CoinDesk. "The Optimism foundation has been made whole and can focus on building and growing the ecosystem. The person who discovered the exploit chose to wear a white hat, setting a good precedent for the whole crypto community."
According to a tweet from Optimism, 2 million tokens were retained by the attacker as a bounty.
Before returning the tokens, the attacker sent an on-chain message to Ethereum co-founder Vitalik Buterin stating their willingness to return the full 18 million OP in their possession.
Previously, the attacker cashed out 1 million OP and sent an additional 1 million to Buterin, who is working to return the funds according to Optimism. At press time, 1 million tokens, worth close to $900,000, remained in the attacker’s wallet, blockchain data shows.
Optimism is a layer 2 rollup chain for Ethereum that helps scale the network with its quick transactions and low fees. It launched the OP governance token last month in a bid to shift towards greater community control.
The attacker managed to get a hold of OP tokens that were supposed to go to Wintermute, a crypto market maker that partnered with Optimism for “liquidity provisioning services” in the run-up to the token’s introduction. Trouble came when Wintermute mistakenly provided Optimism with an Ethereum address, rather than an Optimism address, to receive the loaned-out funds.
Before Wintermute could retrieve the funds, the attacker set up their own wallet at the address where Optimism sent the 20 million tokens.
In a statement released two days ago, Wintermute said it would not pursue legal action against the attacker if the funds were returned within a week.
"Wintermute, while having to accept the bounty as a loss, can now fully focus on providing liquidity for the OP token," Gaevoy told CoinDesk on Friday. "We are incredibly grateful to Optimism team for constructively working with us during this crisis and are excited about a number of future initiatives we are looking to do to support Optimism ecosystem."
Disclosure
Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by Block.one; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.
:format(webp)/www.coindesk.com/resizer/Qc1SOsxolC6_Esqs89-xeXCpbKk=/arc-photo-coindesk/arc2-prod/public/VDZCFPNTYVCTNBFQBVIGFLKBAA.png)
Sam is CoinDesk's deputy managing editor for tech and protocols. He reports on decentralized technology, infrastructure and governance. He owns ETH and BTC.
Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.