In what can be defined as a rare victory for the cryptocurrency industry, Euler Finance, an Ethereum-based noncustodial lending protocol, recently announced that it will open redemptions following the return of the vast majority of assets that were stolen in a $197 million flash loan exploit last month. The hackers responsible for the exploit returned the funds, including 95,556 ETH and 43 million DAI. While the amount was higher than the initial exploited total, some 1,100 ETH was dubbed irrecoverable after being sent to the cryptocurrency mixer Tornado Cash.
Euler Finance has created a smart contract containing funds for all exploited addresses, with an embedded Merkle tree. In order for redemptions to be processed, users’ addresses need to pass the Merkle proof of validity and an acceptance token that is individually computed for each account, confirming that the account holder agrees with the terms and conditions. Euler says it will repay all sub-account liabilities at the block the protocol was disabled on March 13. The on-chain price oracle, provided by either Uniswap or Chainlink, will determine the Ether value of assets and liabilities.
However, the road to the recovery of these assets was not easy. On April 4, the Euler Finance hacker returned almost all recoverable funds following an ultimatum from project developers to either return 90% of stolen assets or face legal action. Following a brief lapse in communication, Euler launched a $1 million bounty for information leading to the whereabouts of the stolen funds and the hacker’s identity, which prompted the hacker to return the assets. Furthermore, a user convinced the hacker that he had lost his life savings due to the exploit, prompting the hacker to return 100 ETH to the individual, who donated 12 ETH to the Euler treasury.
The recovery of the stolen assets is a rare win for the cryptocurrency industry. In general, stolen assets in the crypto space have been difficult to recover, as they are usually immediately moved to anonymous wallets, making them impossible to track. In the case of the Euler Finance hack, the recovery of the assets was made possible due to the cooperation between the project developers, the hacker, and the wider cryptocurrency community. Euler Finance’s proactive stance in offering a bounty for the return of the assets also played a crucial role in facilitating the return of the stolen funds.
The return of the stolen assets further highlights the ongoing efforts being made to secure the cryptocurrency industry. As the industry continues to mature, the need for greater security measures and systems will continue to grow. One of the key ways in which security can be improved is by putting in place measures to prevent hacks from occurring in the first place. This can be achieved by creating more secure smart contracts, increasing transparency around code, and conducting regular security testing.
However, even with these measures in place, hacks will still occur, and it is crucial for cryptocurrency projects to have robust response plans. A swift and effective response plan can help minimize the damage caused, prevent assets from being moved out of the system, and increase the chances of recovering stolen assets. This will also help to build trust and confidence in the industry among both investors and the wider public.
In conclusion, the recovery of stolen assets from the Euler Finance hack is a rare victory for the cryptocurrency industry. The success of this recovery was facilitated by the cooperation of the project developers, the hacker, and the wider cryptocurrency community. It also highlights the need for greater security measures in the industry and the importance of having robust response plans in place. As the industry continues to mature, the need for more sophisticated security systems and measures will only continue to grow. However, the recovery of stolen assets in this instance serves to demonstrate that with the right measures and cooperation, assets can be returned and faith can be restored in the industry.