An Interlayer Snafu Costs Ethereum Layer-2 Solution Optimism 20 Million Tokens
In a nutshell
1. The Layer 2 scaling solution provider was unable to sync its Optimism address to an Ethereum address prior to a significant transfer of funds.
2. At the time of the breach, the stolen OP tokens were worth $35 million, and 19 million tokens are still missing.
It was revealed today that the company behind the Ethereum scaling protocol made a mistake when it delivered 20 million tokens to the wrong blockchain address as it prepared to launch the Optimism Collective DAO’s native OP currency. A hacker stole all 20 million OP tokens as a result of the glitch.
It is common for DAOs, or decentralised autonomous organisations, to use a native token to vote on decisions. As part of its DAO launch, Optimism recruited market maker Wintermute to issue 20 million OP tokens in an airdrop more quickly to Optimism Collective members.
Prior to transferring the 20 million OP tokens last week, Optimism issued two test transactions to Wintermute, and all were confirmed by Wintermute. then transferred the tokens to Wintermute, only to discover that they were no longer usable.
How? The Ethereum network’s layer-2 scaling solution, Optimism, is built on top of it. Because the Ethereum network is frequently congested, second-layer solutions allow for speedier transactions. However, this ease comes with a higher degree of risk.
The Optimism transaction involved the transfer of 20 million tokens to Wintermute’s Ethereum (L1) address, however the money were left stranded on L1 because the address had not yet been deployed or synced to an Optimism (L2) address.
When the issue was revealed on May 30, Wintermute accepted full responsibility. The Optimism Foundation was also informed by the Wintermute team that the cash may be recovered through a high-risk, one-time operation. They also asserted that the monies were secure, despite the fact that they couldn’t be accessed by anyone outside the company.
In the end, the claim proved to be false.
Optimism’s Ethereum address was hacked by an anonymous hacker within 24 hours of Wintermute notifying them of their discovery. Approximately $35 million worth of data was stolen on the morning of June 1st, the day of the hacking.
Afterwards, the hacker exchanged one million OP tokens for ETH and kept the remaining 19 million. For the rest of their lives, they remained completely silent.
Wintermute has agreed to purchase back all tokens that were sold by the hacker as part of taking responsibility. OP tokens sold by Wintermute last week have already been bought back by the company.
An optimist adds that so far, their DAO is unaffected, but they are keeping a close eye on the issue.
There have been numerous unsuccessful attempts by Optimism and Wintermute to contact the hacker. In an effort to draw the hacker’s notice, both companies made the specifics of the attack public today. Wintermute made a direct pitch to the enigmatic bandits in a blog post published this afternoon, praising their cleverness and offering them employment opportunities.
This attack has been “very outstanding,” stated Wintermute, and “we can even investigate consultancy options or other sorts of cooperation.”
With this tempting overture came an unwelcome side-effect: The business claims it would pass over evidence of the hacker’s identity–until now unknown–to law police if the remaining 19 million OP tokens aren’t returned within one week.
Wintermute warned: “You have one week to contemplate becoming a whitehat.”
It’s unclear what evidence the corporations have or what motivations the hacker has to come clean. As a result of the situation, Optimism’s reputation as a cheerful and public-minded organisation appears to have suffered a hit.
Consider your options and choose to be kind and positive rather than fearful,” Wintermute screamed at the hacker in a blog post.
Join Coinmonks Telegram group and learn about crypto trading and investing