A few days after confirming a $200 million attack on its network, Mixin Network has offered a $20 million bug bounty to the hacker. In an encrypted message attached with the exploiter’s transaction, the protocol asked for the return of the stolen funds from its network.
Recall that Mixin suffered the exploitation on September 23, 2023. As revealed, the attacker breached the database of a third-party cloud service provider. This breach led to the loss of about $200m worth of assets on its mainnet.
Although, the protocol is yet to give a detailed report on how the exploitation occurred, PeckShield, a blockchain analytic firm has carried out an independent investigation. According to PeckShield, the protocol held $94.48m ETH, $23.55m DAI and $23.3m BTC which amounts to $141.32 million.
Similarly, a report from 0xScope revealed the hacker had previously carried out a transaction on Mixin Network. As revealed, the hacker acquired 5 ETH from Mixin in 2022 and deposited it on Binance. Also, it was alleged that the hacker further swapped the stolen USDT to DAI to avoid seizure of the funds.
Mixin plans to compensate affected users
According to Mixin, the majority of the asset on the platform belongs to its users, as such it request that the hacker return the $200 million and keep $20 million as a reward for the gesture. Similarly, the founder of Mixin, Feng Xiaodong, also disclosed the protocol’s plan to reimburse affected users with at least 50% of their fund. He further noted that the protocol will invest the remaining funds in bond tokens which the business plans to repurchase with its earnings.
Shortly after the news of the attack dominated the airspace, Mixin paused deposits and withdrawals on its platform. It, however, pledged to resume the offerings fully when all the vulnerabilities have be fixed. As part of its efforts to unravel the circumstances behind the hack, it employed the likes of SlowMist, and Google.
Meanwhile, the news of the attack has continued to generate controversies among members of the crypto community. Many laments the huge amount involved and slammed the protocol for claiming to be decentralized. Some also believe the attack was the work of an insider in Mixin Network.