A wallet containing 20M OP, the governance tokens of Ethereum Layer 2 scaling solution Optimism, has been exploited.
The exploit was disclosed by the Optimism Foundation on Twitter.
How It Happened
The foundation employed Wintermute, a market maker, to provide initial liquidity for OP. Deeper liquidity means less volatility, and so Optimism loaned Wintermute the 20M OP as part of a deal to smooth the launch of the OP token.
Wintermute confirmed that it had received two test deposits to its Optimism wallet, after which the Optimism Foundation sent the full 20M OP tokens. At this point, Wintermute discovered that it couldn’t actually retrieve the tokens, because it hadn’t yet deployed what’s called a Gnosis Safe to its address on Optimism.
A Gnosis Safe is a smart contract which acts as a multi-signature wallet that requires approval from multiple parties in order to make transactions. They are routinely used as a security measure by VCs and DeFi protocols to decentralize control of large pools of assets.
A Safe doesn’t necessarily work across chains. “Having control over mainnet Safe doesn’t guarantee control on other EVM compatible chains (unlike ordinary wallets),” Wintermute explained in a message to the Optimism community on the Layer 2’s forum.
Essentially, Wintermute wasn’t able to easily access the 20M OP. The company was planning to perform a highly technical operation to get the tokens back, but was beaten to the punch by the as-yet-unknown attacker.
In the wake of the error, Kain Warwick, the founder of Synthetix, a synthetic asset protocol, emphasized what he thinks people need to do to truly test transactions.
Warwick added that the correct way to test a transaction is to make sure you can move the tokens, not just receive them.
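As an added illustration of the two points above (control of a mainnet Safe does not carry over to the same address on another chain, and a test should prove funds can be moved, not just received), here is a pre-transfer check in Python. It is not code from Optimism, Wintermute or Gnosis: the function names, chain labels, sample addresses and bytecode are constructed for this example, and only the eth_getCode JSON-RPC method is a real interface.

```python
import json
import urllib.request

def rpc_get_code(rpc_url, address):
    """Real transport: ask a node for the bytecode at `address` (eth_getCode)."""
    body = json.dumps({"jsonrpc": "2.0", "id": 1, "method": "eth_getCode",
                       "params": [address, "latest"]}).encode()
    req = urllib.request.Request(rpc_url, data=body,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["result"]

def has_code(code_hex):
    """eth_getCode returns "0x" when no contract is deployed at the address."""
    return code_hex not in (None, "", "0x")

def preflight(address, source_chain, dest_chain, get_code=rpc_get_code):
    """Return (verdict, reason) before sending funds to `address` on dest_chain."""
    on_source = has_code(get_code(source_chain, address))
    on_dest = has_code(get_code(dest_chain, address))
    if on_source and not on_dest:
        return ("block",
                "contract wallet on source chain, nothing deployed at this address on destination")
    if on_dest:
        return ("review",
                "code exists on destination: confirm wallet and owners, then move a test amount back out")
    return ("ok",
            "no contract involved; still confirm by moving a test amount back out")

# Constructed sample state (hypothetical addresses and bytecode, not real ones).
SAFE = "0x" + "aa" * 20   # multisig contract that exists on mainnet only
EOA = "0x" + "bb" * 20    # ordinary key-controlled wallet
CONSTRUCTED_STATE = {
    ("mainnet", SAFE): "0x6080604052",
    ("l2", SAFE): "0x",
    ("mainnet", EOA): "0x",
    ("l2", EOA): "0x",
}

def fake_get_code(chain, address):
    """Offline stand-in for rpc_get_code, backed by the constructed state above."""
    return CONSTRUCTED_STATE[(chain, address)]

if __name__ == "__main__":
    for name, addr in (("safe", SAFE), ("eoa", EOA)):
        print(name, preflight(addr, "mainnet", "l2", get_code=fake_get_code))
```

Against live networks, pass each chain's RPC endpoint URL as `source_chain` and `dest_chain` and leave `get_code` at its default.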
Wintermute Takes Responsibility
Wintermute is unequivocally taking the blame for the exploit. “We want to make one thing clear – the initial error is 100% Wintermute’s fault,” the market maker wrote later in its forum post.
To make amends, Wintermute has also committed to buying an equivalent amount of OP tokens whenever the attacker sells them, and has already done so for the first million tokens.
The hacker’s address still holds 19M OP as of June 8 after selling 1M of the tokens for 720.7 ETH. At the June 8 price of $0.84, the hacker stands to net $16.8M, though it remains to be seen whether the attacker will sell all the tokens.
The hacker may not be selling OP because of the dramatic slippage that offloading 19M of the tokens would incur. Nearly all the value would be lost if the attacker tried to sell all the OP at once, since the total liquidity in Uniswap’s OP-WETH pool is only $4.1M.
The OP tokens in question came from the Partner Fund, which was allocated 5.4% of the total token supply with the mandate of growing the Optimism ecosystem.