Optimism loses 20M tokens after L1 and L2 confusion exploited

The honeymoon period for the Optimism layer-2 scaling solution has been cut short, as an exploit in its market maker’s smart contract led to the loss of 20 million OP tokens.

The exploit took place on May 26 but has only just been reported to the community. One million tokens valued at about $1.3 million were sold on Sunday. An additional 1 million tokens valued at about $730,000 were transferred to Vitalik Buterin’s Ethereum address on Optimism earlier today at 12:26 am UTC. The remaining tokens are dormant for now but could be sold at any time or used to sway governance decisions.

Hey folks–in the interest of transparency, we’d like to share some details about an ongoing situation:https://t.co/915vIgRIJG

Summary below

— Optimism (✨_✨) (@optimismPBC) June 8, 2022

OP tokens are the native token for the Optimism layer 2 (L2) blockchain, and a portion of the supply was airdropped to network users on June 1. L2 solutions help alleviate congestion on a layer-1 (L1) blockchain such as Ethereum.

A summary of events from the Optimism team on Thursday detailed how the 20 million OP tokens were intended to be used by the Wintermute crypto market-making firm. After sending two test transactions, the Optimism team sent the full amount of tokens.

However, Wintermute discovered that it could not access the tokens because the smart contract it used to accept the tokens was still on L1 and had not been updated to be deployed on Optimism. This technical oversight opened the contract to an attack, in which a bad actor took control of the contract on the L2 themselves.

As soon as Wintermute became aware of the problem, it “began a recovery operation with the goal to deploy the L1 multisig contract to the same address on L2,” but its attempt to remedy the situation was too late.

“An attacker was able to deploy the multisig to L2 with different initialization parameters before the recovery operation was completed and took control of the 20 million OP tokens.”

A multisig contract requires the approval of multiple key holders to execute a transaction.

In a Thursday message to the Optimism community, Wintermute took full responsibility for the exploit. The firm stated that it would perform OP buybacks equal to the amount the exploiter sells as a means of making “best efforts to smoothen the effects” of price volatility.

Wintermute has also offered to accept the incident as a white hat exploit if the hacker agreed to return 19 million tokens within one week. This offer was made before the hacker transferred another 1 million tokens.

Replies to Wintermute’s message mostly applauded the firm for its transparency in revealing the issue and for accepting the blame for what happened.

Related: Hacker tastes own medicine as community gets back stolen NFTs

In the short-term, the Optimism team has granted Wintermute an additional 20-million-OP grant “so that they can continue with their work as things unfold.” But the team also pointed out that such market-making efforts are temporary.

“The community should not expect or rely on the Optimism Foundation to support liquidity provisioning efforts in the future.”

Some $OP tokens got hijacked.

Optimism is grappling with the idea of whether it should use its multisig to take the tokens back from the thief.

In this tweet, they’re saying “we coullllld do it.. but then you’d all hate us.. so we won’t.. for now.”

DANGEROUSLY CENTRALIZED. https://t.co/p7JiPY2TzU

— Chris Blec (@ChrisBlec) June 8, 2022

Chris Blec, host of the Proof of Decentralization podcast, said the team had considered (but rejected) regaining control of the stolen funds by performing a network upgrade. This meant that, in his view, Optimism (like most decentralized finance projects with admin keys) is “DANGEROUSLY CENTRALIZED.”

Blec also suggested that the most obvious explanation for exploits involves those most closely involved, meaning someone involved with Wintermute may have performed the attack themselves. He asked, “Why is everyone in this space always so opposed to vetting the most obvious possibilities?” There is no evidence at this stage to support this theory.

OP investors have responded negatively to the update, as the token price is down 31.2% trading at $0.76 over the past 24 hours according to CoinGecko.