Bizarre Twist: $600 Million DeFi Hacker Asked to Become Project Security Adviser

By José Oramas August 19, 2021 In Blockchain, Crypto News, DeFi, Ethereum

The hacker who stole US$611 million from the Poly Network last week turned out to be a white hat hacker who returned the funds while exposing the protocol’s network security flaws. And what’s even weirder, the Poly Network team offered the hacker a US$500k reward, and a role as chief security officer.

A Strange Turn of Events

As per an August 17 blog post, the Poly Network completed the second phase of the Mainnet Upgrade while keeping the hacker updated daily on its progress. Poly Network and the hacker had been interchanging encrypted messages in which the latter shared his concerns about the protocol’s network security and overall projects in the DeFi space.

We are also counting on more experts like Mr White Hat to be involved in the future development of Poly Network since we believe that we share the vision to build a secure and robust distributed system. Also, to extend our thanks and encourage Mr White Hat to continue contributing to security advancement in the blockchain world together with Poly Network, we cordially invite Mr White Hat to be the Chief Security Adviser of Poly Network.

Poly Network blog post

The protocol hopes that the hacker returns the private keys to restore full assets control to the community.


‘Mr White Hat’ Exploits Bug on Smart Contracts

As Crypto News Australia reported on August 12, the hacker – dubbed “Mr White Hat” – found a bug on the protocol’s smart contracts that allowed him to move assets between different blockchains, as per an analysis from blockchain forensic firm Chainalysis.

The hacker stole a total of US$611 million in Ethereum, BNB and Poly, making it the biggest theft in DeFi history. Yet things changed when the hacker started returning the funds progressively to the protocol through a multisig wallet.

He also tried to communicate with the Poly Network team through private messages embedded in an ETH transaction the hacker sent to himself. “It’s already a legend to win so much fortune. It will be an eternal legend to save the world. I made the decision, no more DAO,” reads one of the messages.

Hacker Refuses Bounty, Offered Further Reward

After several messages and a dialogue made public, the hacker clarified his intentions and his vision of the DeFi space. While the hacker refused to accept the $500k bounty, the protocol still plans to reward him for his “contributions to blockchain security”.

We are grateful for Mr White Hat’s outstanding contribution to Poly Network’s security enhancements. While there were certain misunderstandings in the beginning due to poor communication channels, we now understand Mr White Hat’s vision for DeFi and the crypto world, which is in line with Poly Network’s ambitions from the very beginning – to provide interoperability for ledgers in Web 3.0.

Poly Network

José Oramas

José Oramas

José is a journalist and translator with a keen interest in blockchain and cryptocurrencies.

You may also like