Hacked Crypto Platform Offers $10M Bounty for Return of Stolen Funds

Crypto platform Fei Protocol hopes a $10 million bounty “with no questions asked” will spur hackers to return nearly $80 million of digital assets stolen over the weekend.

Fei, the stablecoin issuer which merged with crypto lending startup Rari Capital just five months ago, made the plea on Twitter hours after the exploit — in which hackers infiltrated the platform’s lending pools — was detected Saturday.

“We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage,” Fei Protocol tweeted. “To the exploiter, please accept a [$10 million] bounty and no questions asked if you return the remaining user funds.” 

Rari’s hacker leveraged a critical “reentrancy” bug buried deep within the protocol’s code. These bugs involve smart contracts calling each other to move funds without appropriate checks. 

For its codebase, Fei forked (read: copied) Ethereum money market platform Compound in early 2021. Compound enables crypto lending by valuing digital assets. It automatically determines borrow limits and gauges market conditions to calculate interest.

Fei made certain changes to the code, however, despite audits, the flaw wasn’t discovered until it was too late.

Compound forks have suffered similar fates in the past. Rari even paid $2 million to security researchers who had discovered a nearly identical flaw in March.

Decentralized exchange Uniswap, DeFi platform Cream Finance, and The Dao, among other projects, have fallen victim to reentrancy attacks dating back to 2016. 

Rari also lost $11 million to smart contract hackers in an unrelated attack last May, then about 60% of the protocol’s capital.

In this case, Rari Fuse lending pools (which facilitate the lending of related ERC-20 tokens) effectively failed to keep track of how much cryptocurrency had been borrowed.

The setup illegitimately allowed for the borrowing of large amounts of cryptocurrency, withdrawal of the loan’s collateral and retention of borrowed funds, according to smart contract auditor CertiK.

The hackers flash-loaned $150 million worth of stablecoin USDC and 50,000 WETH ($141.5 million) to power more crypto loans from seven Rari Fuse pools.

After triggering a buggy “exitMarket” smart contract function, they withdrew the collateral, repaid the flash loan and kept the “borrowed” funds from Rari Fuse. The hackers repeated this process until they’d amassed roughly $80 million of crypto.

Rari Capital later disclosed another 100 ETH had been hacked Sunday from a Fuse pool on layer-2 Ethereum platform Arbitrum.

BlockSec Chief Technology Officer Lei Wu confirmed to Blockworks that 5,400 ETH of the pilfered stash had been sent to crypto mixer Tornado Cash.

The stolen funds essentially belong to Rari Fuse users who had loaned their crypto. With this in mind, Fei Protocol is not exactly the victim — despite the exploit targeting its source code. 

Rari developer Jack Longarzo told Blockworks that Rari’s Fuse platform and the Tribe DAO that manages Fei and Rari’s governance are the real victims. In fact, Tribe DAO may deliberate whether to release funds from its treasuries to make Rari Fuse users whole. Its treasury is currently worth $104 million, according to OpenOrgs.

While there’s no formal bailout proposal as yet (and Longarzo wouldn’t comment on whether one was in the works), such a move would starkly contrast the VC-funded bailouts of other embattled DeFi platforms such as Wormhole and Ronin, which have generally involved more centralized and private decision-making than a community vote.

But there is some indication that Tribe DAO participants may be losing faith. The DAO’s native token, TRIBE, is down 20% since the attack was first disclosed.

Get the day’s top crypto news and insights delivered to your inbox every evening. Subscribe to Blockworks’ free newsletter now.