Optimism exploiter returns 17 million OP tokens

The hacker, who was given one week to make up their mind, decided to remain a white hat.

A stock photo of a an anonymous hacker wearing smiling cardboard box.

Yesterday, Ethereum L2 Optimism lost 20 million OP tokens intended for Optimism Collective DAO members after the market maker Wintermute mistakenly sent funds to the multisig Ethereum address that wasn’t deployed on the Optimism network yet. The hacker was able to access tokens before Wintermute devs completed the recovery operation, withdrawing $35m worth of tokens.

Immediately after the attack, the hacker sold one million tokens that were bought back by Wintermute and sent another million to the Ethereum co-founder Vitalik Buterin. The exploiter also delegated tokens’ voting power to the Ethereum Foundation researcher Yoav Weiss, who refuted claims that he was the hacker and suggested that the attacker might be a whitehat.

Wintermute offered the exploiter the employment opportunity in exchange for sending tokens back to Optimism’s address, threatening them with legal consequences if funds weren’t returned to the rightful owners. The hacker had one week to think it over, and today, they decided to give back 17 million OP, while one million remains in their possession. Given the returned funds plus tokens sent to Vitalik, Optimism remains two million short of the initial amount of 20m OP.