Harvest Finance Offers $1 Million Bounty To Get Back The Stolen Funds

Harvest Finance offers $1 million bounty to get back the stolen $34 million and to also track down the attacker. In today’s cryptocurrency news, we are reading more about the bounty.

Harvest Finance offers $1 million for hard evidence that leads to funds being returned. It hasn’t presented another plan for making affected users whole. The DeFi yield farming protocol is offering a $1 million bounties to find the hacker that stole $34 million from its users over the weekend. The attacker used a flash loan to deflate the prices of stablecoins like USDT and Tether on the platform and to steal the tokens at a bargain-basement price from the liquidity pools.

💵Increasing the bounty for tracking down the attacker and returning the funds to $1M

Here's what we know about the attacker:

1) understands flashloans
2) understands arbitrage and trading
3) understands curve internal code
4) understands renBTC
5) understands opsec

1/2

— Harvest Finance (@harvest_finance) October 29, 2020

As a result, the DeFi protocol’s team is looking for several changes including restricting flash loans that allow tech-savvy users to deposit and to withdraw funds at the same time usually for price arbitrage which the attacker was. Harvest referred to it as “theft” in their reports as the asset values were manipulated. While owning up to the protocol’s shortcomings, Harvest Finance didn’t lay out the plan for compensating users but says that it’s “formulating a remediation plan for affected users.” They also issued a request that the funds are returned to the deployers so that it can be given back to the users.

In addition to the BTC addresses which hold the funds, there is now a significant amount of personally identifiable information on the attacker, who is well-known in the crypto community.

We are putting out a 100k bounty for the first person or team to reach out to the attacker

— Harvest Finance (@harvest_finance) October 26, 2020

Harvest also implied that the team already knows the attacker but was unwilling to doxx them so they proposed a $100,000 reward, then a $400,000 one to whoever convinces the attacker to return the funds. This hasn’t happened yet so Harvest launched a bigger reward. If the posts of the protocol are to be believed, the plan is to make users whole rests on getting the funds returned as they wrote:

 “Our main focus in Week 9 is to restore funds from the hacker and to mitigate any flashloan attacks that can affect users.”

https://twitter.com/hedgedhog7/status/1321879899179683841?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1321883253633110017%7Ctwgr%5Eshare_3&ref_url=https%3A%2F%2Fdecrypt.co%2F46679%2Fharvest-finance-offers-1-million-get-stolen-34-million-back

There’s a poll about whether reparations should be paid to both USDC and Tether via the IOU Token so if it falls, the depositors will be on the hook for losses. Harvest was also trying to make future attacks preventable. It asked major exchanges to blacklist BTC addresses used by the hacker which at least one exchange was reluctant to do. Kraken Founder Jesse Powell wrote:

Stop fucking up your bullshit DeFi scams and expecting exchanges to bail you out. I will not accept your attempt at externalizing the cost of your hasty, reckless rollout. Invest in audits, insurance and please DYOR. Taking your losses is the only way to enlightenment.

— Jesse Powell (@jespow) October 26, 2020

 “Stop fucking up your bullshit DeFi scams and expecting exchanges to bail you out. I will not accept your attempt at externalizing the cost of your hasty, reckless rollout.”