The incident of 20 million OP accidentally lost: A year of confusing operations
OP has always been highly anticipated, but it has faced continuous turmoil since the issuance of its tokens.Author: Azuma, Planet Daily
In the early hours of today, Optimism and the market maker Wintermute both released announcements disclosing an incident in which 20 million OP tokens were accidentally "stolen."
As a result of this negative news, OP quickly plummeted in the secondary market, dropping below 0.7 USDT at one point, and as of the time of writing, it is reported at 0.786 USD.
Combining the statements from both Optimism and Wintermute, we can roughly outline the sequence of events.
The background of the incident is that at the time of the OP token launch, Optimism entrusted Wintermute to provide liquidity services for OP in the secondary market. As part of the agreement, Optimism would provide Wintermute with 20 million OP tokens.
To receive these tokens, Wintermute provided Optimism with a multi-signature address (0x4f3a120E72C76c22ae802D129F599BFDbc31cb81). After Optimism tested sending two transactions and Wintermute confirmed they were correct, Optimism transferred 20 million OP to that address.
At this point, the problem arose. After Optimism completed the transfer, Wintermute found that it could not control these tokens because the multi-signature address they provided was only deployed on the Ethereum mainnet and had not yet been deployed to the Optimism network.
Note: Multi-signature addresses are different from regular addresses; control on L1 and L2 does not completely correspond.
To control these tokens, Wintermute immediately initiated remedial actions, hoping to deploy the multi-signature contract to the same address on the Optimism network.
Unfortunately, before Wintermute could act, an attacker had already detected this vulnerability and deployed the multi-signature to the same address on the Optimism network, successfully taking control of the 20 million tokens.
This is the sequence of events. The hacker has now successfully controlled these tokens and sold the first batch of 1 million tokens three days ago.
So, what are the current remedial plans of Optimism and Wintermute?
First, to ensure the continuation of market-making activities, Optimism has provided Wintermute with a second batch of 20 million OP tokens, for which Wintermute has paid a deposit of 50 million USD.
Second, Wintermute has acknowledged that it is 100% responsible for this incident and has committed to repurchasing an equivalent amount of tokens. For the 1 million OP tokens that the hacker sold previously, Wintermute completed the first repurchase yesterday.
Finally, Wintermute hopes to recover the lost 20 million OP tokens through a combination of soft and hard measures. Specifically, they will give the hacker one week to consider returning the tokens; if the hacker agrees to return them, they will be regarded as a white-hat hacker. Otherwise, an investigation will begin, involving thorough identification of the hacker through extensive searches, and they will be handed over to judicial authorities.
As of the time of writing (after the announcements from Optimism and Wintermute), there has been another movement from the hacker's control—this time transferring out 1 million OP tokens, but instead of selling, they were directly transferred to Vitalik Buterin's address (0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045). It is currently uncertain what the hacker intends to do next, and it is also unclear whether the remaining 18 million OP tokens might be returned.
Risk warning
Risk warning
