[Update: In the ‘Wallet Operations’ section below, we originally wrote that remaining bounties and tokens that needed unwinding would be sent from the Official Nomad Recovery wallet, but it should be noted that these will be sent from the staging wallet instead. This should have no impact on any of the wallet operations other than adding one intermediate step.]
As the team gets closer to relaunching the Nomad token bridge and allowing users to bridge back, one of the critical steps we’d like to share more details on is the process for sorting recovered funds. This post will outline the four different categories of funds in the Official Nomad Recovery Wallet, and the operations that will take place with respect to those funds prior to the bridge relaunch. As of the time this post was drafted, the total pool of recovered funds was equivalent to ~$38.8M USD.
Categorizing Recovered Funds
Funds in the Official Nomad Recovery Wallet fall into one of four categories:
- Tokens returned in their original form
(~76.7% of recovered funds, ~$29.8M USD-equivalent)
This category of funds comprises those funds where a whitehat removed a specific token from the bridge, and returned the same type of token they took (e.g. the hacker took DAI and returned DAI). Because the exploited and returned tokens are the same in this instance, these tokens can be directly mapped back to the related hacking transactions.
2. Tokens that were converted to another form and subsequently returned
(~21.3% of recovered funds, ~$8.3M USD-equivalent)
This category of funds comprises those in which a whitehat removed a specific token from the bridge, and returned a different type of token (e.g. the hacker took USDC and returned ETH). Because the exploited and returned tokens are not the same in this instance, the recovered tokens have been mapped back to the original hacking transaction(s) and will be unwound into the originally hacked token type(s). This is essential for allowing users to access pro-rata shares of recovered funds denominated in the correct token(s).
3. Retroactive Bounties Requested
(~1.6% of recovered funds, ~$610K USD-equivalent)
This category of funds has been requested by whitehats retroactively as part of the bounty program. In the days after the bridge hack, we announced a 10% bounty for all whitehats who returned funds that were taken during the exploit. Many whitehats elected to return 90% of their exploited funds and keep the remaining 10%, and in those cases there will be no additional bounty. However, some whitehats either (a) returned funds prior to the bounty being made available or (b) returned the full 100% of exploited funds and then later requested the bounty. This category of funds will be used to honor these outstanding requests.
4. Funds potentially subject to regulatory restrictions
(~0.4% of recovered funds, ~$160K USD-equivalent)
This category of funds is potentially subject to regulatory restrictions, and as such we are not able to move these funds until we complete our analysis regarding any legal requirements that may apply to these funds. This category of funds includes dusting transactions that were sent to the recovery wallet from various sources unrelated to the post-hack recovery effort.
Recovery Wallet Operations
Given that the recovery wallet contains these four categories of funds, several operations will need to take place so that users can access pro-rata shares of the recovered funds for each impacted token. These operations will ensure that tokens are able to be accessed in the form in which they were taken from the bridge.
Below is a list of the operations that will occur to recovered funds prior to relaunching the bridge:
- A multisig staging wallet (0xb21E7B61d5A39bAAFa8011Ff0bB8f6B8e7e91554) has been created to stage recovered tokens as they prepare to be loaded into the bridge. The staging wallet is a 2 of 4 Gnosis Safe that includes the Nomad founders and an additional multisig with other members of the Nomad core team.
- Bounties will be sent back to whitehats that have requested bounties (as indicated in category 3, above). These will be sent directly from the Staging Wallet to the wallet address from which they were originally sent in the form of whatever asset was returned (subject to successful completion of KYC). (e.g. if a whitehat exploited 3 WETH during the hack, returned it in full, but later requested a 10% bounty: 0.3 WETH will be sent from the recovery address to the whitehat’s wallet address.)
- The tokens that were converted to a different form prior to return (category 2, above) will be sent to a professional market maker who will unwind them back into their original token type. Once these transactions have been completed, the unwound tokens will be sent to the staging wallet. (e.g. if a whitehat recovered 3 WETH, converted it to DAI, and returned the DAI: This DAI will be sent to a professional market maker who will convert it back to WETH.)
- The tokens returned in their original form (category 1, above) from the recovery wallet will be sent to the staging wallet. (e.g. if a whitehat returned 3 WETH and did not request a bounty or had already kept a 10% bounty: 3 WETH will be sent from the Official Nomad Recovery Wallet to the staging wallet address.)
- Last Step: All funds from the staging wallet will be sent to the upgraded Nomad token bridge contracts.
As there will be a lot of movement of the funds in the recovery wallet, we wanted to be transparent about the operations that will occur, and it may take a few weeks to complete all of these necessary operations, but you can expect operations on the recovery wallet to begin soon.
Once all the necessary operations above have been completed and the bridge is relaunched, the funds will be accessible to users (subject to successful completion of KYC) through the NFT process. We know this is complex, but it’s an important step in the bridge relaunch process.
As always, we thank our partners and community members who have been helpful in our ongoing recovery and relaunch efforts.
