Ethereum-scaling Layer-2 solution Optimism recently announced that some 20 million OP governance tokens were stolen by an attacker who interfered in a token recovery process involving Wintermute.
Attacker Steals 20 Million OP Tokens
Barely a week after the official airdrop of its OP governance token, Ethereum Layer-2 scaling project Optimism today revealed that close to 20 million of its total OP token supply was stolen by an attacker.
Notably, the said hacker interfered in a token recovery process involving Wintermute.
As mentioned earlier, Optimism is the latest high-profile scaling project to airdrop its governance token OP to the ecosystem’s early users and governance participants. The OP token airdrop was aimed toward decentralizing the protocol’s governance.
A specific portion of the total token supply was also kept aside to provide helping outside parties.
An official Optimism blog post notes:
“The Optimism Foundation engaged Wintermute for liquidity provisioning services in an effort to facilitate a smoother experience for users acquiring OP to participate in Collective governance. To carry out this engagement, a temporary grant of 20 million OP tokens was allocated to Wintermute from the Foundation’s Partner Fund.”
The attacker found a window of opportunity when Wintermute mistakenly provided a multi-signature Ethereum address that had not yet gone live on Optimism. Evgeny Gaevoy, CEO and founder of Wintermute said the multi-sig address was a Gnosis safe.
“Wintermute began a recovery operation with the goal to deploy the L1 multisig contract to the same address on L2. Unfortunately, an attacker was able to deploy the multisig to L2 with different initialization parameters before the recovery operation was completed and took control of the 20 million OP tokens. This address has since sold 1 million tokens, and can easily sell the rest.”
Both team’s accounts indicate that Wintermute has bought those 1 million OP tokens. In addition, it intends to purchase more as the exploiter tries to sell them.
“We want to make one thing clear – the initial error is 100% Wintermute’s fault and as such we will proceed to buy OP every time the attacker sells it to make the protocol whole eventually (we did initiate buying the first million OP tokens yesterday already). We understand that it can potentially create price volatility in the token and will make best efforts to smoothen the effect.”
Moreover, Optimism adds the Foundation has also “made a second short-term grant of 20 million OP to Wintermute so that they can continue with their work as things unfold.”
OP Token Off to a Mild Start
Optimism airdropped their OP token to users at a time when market conditions are far from favourable. The total crypto market cap is hovering around $1.2 trillion after hitting an all-time high of almost $3 trillion in November 2021.
Accordingly, Optimism’s OP airdrop is currently changing hands at $0.87 with a market cap of slightly more than $184 million.
Previously, crypto.news reported the high enthusiasm among crypto users for the potential OP airdrop as the Optimism ecosystem witnessed a shard surge in active wallet addresses.