Beanstalk Farms, a permissionless fiat stablecoin protocol, has announced that it has increased the return bounty to 40% after deploying Hats Finance’s ethical return contract.
Beanstalk Farm suffered a hack on Apr. 18 last year and lost about $180 million ($77 million in non-Beanstalk assets) to the hacker. Following the attack, Beanstalk promised a 10% bounty if the attackers reimbursed the funds. However, the exploiter did not engage with the request and failed to transfer the funds to the platform’s multi-signature wallet.
The community and core team responded by offering a 10% bounty to any group that could recover the stolen funds. The exploiter did not engage with the Beanstalk Farms team…https://t.co/zOdjYVPLPf
— Hats.Finance 🦇🔊 (@HatsFinance) January 18, 2023
Beanstalk Farms deployed Hats Finance’s ethical return contract, increasing the bounty to 40%. The exploiter will now get to keep the 40% as a white hat bounty, an agreement made by platforms to compensate for security exploits and flaws reports. In addition, they will not be persecuted if they return the stolen funds.
Since the stolen funds still appear on Tornado Cash, the exploiter may resurface due to the higher offer.
Efforts to recover the funds are underway
Hats Finance mentioned that Syncubate contacted them several months ago to help recover the stolen funds. The platform and the community helped sketch the proposal based on the suggested parameters. The Beanstalk community later unanimously voted to approve.
The proposal explained how the ethical return smart contract developed by Hats Finance would work to transfer the ETH. Beanstalk Farms then deployed the smart contract after Halborn’s audit and conveyed it to the hacker on public channels like Twitter and wallet.
An on-chain message has been sent to the exploiter’s address to notify them that the bounty has been increased to 40%:https://t.co/H4c8VHoKOs
— Beanstalk Farms (@BeanstalkFarms) January 14, 2023
A 3% reward from the recovered funds will be split between Hats Finance, Sync, and Beanstalk Farms. The amount will be distributed from the ethical return contract to the various listed wallet addresses.
Meanwhile, the hacker used a flash loan attack to access a loan through Aave’s landing platform, as initially reported by crypto.news. Notably, flash loan attacks are becoming more popular, the most recent being Euler Finance, which allowed the hacker to steal $197 million.