{"id":459802,"date":"2022-06-09T04:22:23","date_gmt":"2022-06-09T01:22:23","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/optimism-loses-20m-tokens-after-l1-and-l2-confusion-exploited\/"},"modified":"2022-06-09T04:22:23","modified_gmt":"2022-06-09T01:22:23","slug":"optimism-loses-20m-tokens-after-l1-and-l2-confusion-exploited","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/optimism-loses-20m-tokens-after-l1-and-l2-confusion-exploited\/","title":{"rendered":"# Optimism loses 20M tokens after L1 and L2 confusion exploited"},"content":{"rendered":"<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Optimism_loses_20M_tokens_after_L1_and_L2_confusion_exploited_%E2%80%9C\"><\/span>&#8221; Optimism loses 20M tokens after L1 and L2 confusion exploited &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDYvM2MwNGYwMmMtYTA2Yy00MGZhLThkZWUtM2RhODY5Y2EzZjJkLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-2a0745c6>The honeymoon period for the Optimism layer-2 scaling solution has been cut short as an exploit in its market maker\u2019s smart contract led to the loss of 20 million OP tokens.<\/p>\n<p>The <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/optimistic.etherscan.io\/address\/0x4f3a120e72c76c22ae802d129f599bfdbc31cb81#tokentxns\">exploit<\/a> took place May 26 but has only just been reported to the community. One million tokens valued at about $1.3 million were sold on June 5. An additional one million tokens valued at about $730,000 were <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/optimistic.etherscan.io\/tx\/0xdb693613d550e38d53d47b5fd07ce505e24e141db146fa1321710c9a86d9db6a\">transferred<\/a> to Vitalik Buterin&#8217;s Ethereum address on Optimism earlier today at 12:26am UTC. The remaining tokens are dormant for now but could be sold at any time or used to sway governance decisions. 
<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Hey folks&#8211;in the interest of transparency, we&#8217;d like to share some details about an ongoing situation:<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/915vIgRIJG\">https:\/\/t.co\/915vIgRIJG<\/a><\/p>\n<p>Summary below <\/p>\n<p>\u2014 Optimism (\u2728_\u2728) (@optimismPBC) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/optimismPBC\/status\/1534631766576836608?ref_src=twsrc%5Etfw\">June 8, 2022<\/a><\/p><\/blockquote>\n<p>OP tokens are the native token for the Optimism Layer-2 (L2), and a portion of the supply was airdropped to network users on June 1. L2 solutions help alleviate congestion on a layer-1 blockchain such as Ethereum.<\/p>\n<p>A summary of <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/plaid-cement-e44.notion.site\/A-Message-to-the-Community-from-the-Optimism-Foundation-f49b913bb0974d8a854a8bdd409a9dd6\">events<\/a> from the Optimism team on Thursday detailed how the 20 million OP tokens were intended to be used by the Wintermute crypto market making firm. After sending two test transactions, the Optimism team sent the full amount of tokens.<\/p>\n<p>However, Wintermute discovered that it could not access the tokens because the smart contract it used to accept the tokens was still on L1 and had not been updated to be deployed on Optimism. This technical oversight opened the contract to an attack in which a bad actor took control of the contract on the L2 themselves. 
<\/p>\n<p>As soon as Wintermute became aware of the problem, it \u201cbegan a recovery operation with the goal to deploy the L1 multisig contract to the same address on L2,\u201d but its attempt to remedy the situation was too late.<\/p>\n<blockquote><p>\u201cAn attacker was able to deploy the multisig to L2 with different initialization parameters before the recovery operation was completed and took control of the 20 million OP tokens.\u201d<\/p><\/blockquote>\n<p>A multisig contract requires the approval of multiple key holders to execute a transaction.<\/p>\n<p>In a June 9 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/gov.optimism.io\/t\/message-to-optimism-community-from-wintermute\/2595\">message<\/a> to the Optimism community, Wintermute took full responsibility for the exploit. The firm stated that it would perform OP buybacks equal to the amount the exploiter sells as a means of making \u201cbest efforts to smoothen the effects\u201d of price volatility.<\/p>\n<p>Wintermute has also offered to accept the incident as a white hat exploit if the hacker agreed to return 19 million tokens within one week. This offer was made before the hacker transferred another million tokens. 
<\/p>\n<p>Replies to Wintermute\u2019s message mostly applauded the firm for its transparency in revealing the issue and for accepting the blame for what happened.<\/p>\n<p>In the short term, the Optimism team has given Wintermute an additional 20 million OP grant \u201cso that they can continue with their work as things unfold.\u201d But the team also pointed out that such market-making efforts are temporary.<\/p>\n<blockquote><p>\u201cThe community should not expect or rely on the Optimism Foundation to support liquidity provisioning efforts in the future.\u201d<\/p><\/blockquote>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Some <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24OP&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$OP<\/a> tokens got hijacked.<\/p>\n<p>Optimism is grappling with the idea of whether it should use its multisig to take the tokens back from the thief.<\/p>\n<p>In this tweet, they&#8217;re saying &#8220;we coullllld do it.. but then you&#8217;d all hate us.. so we won&#8217;t.. for now.&#8221;<\/p>\n<p>DANGEROUSLY CENTRALIZED. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/p7JiPY2TzU\">https:\/\/t.co\/p7JiPY2TzU<\/a><\/p>\n<p>\u2014 Chris Blec (@ChrisBlec) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ChrisBlec\/status\/1534640270448410624?ref_src=twsrc%5Etfw\">June 8, 2022<\/a><\/p><\/blockquote>\n<p>Host of the Proof of Decentralization podcast Chris Blec said the team had <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/optimismPBC\/status\/1534631776018120704\">considered<\/a> (but rejected) regaining control of the stolen funds by performing a network upgrade. 
In his view, this means that Optimism (like most DeFi projects with admin keys) is \u201cDANGEROUSLY CENTRALIZED\u201d. <\/p>\n<p>Blec also suggested that the most obvious explanation for an exploit involves those most closely involved, meaning someone involved with Wintermute may have performed the attack themselves. He <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ChrisBlec\/status\/1534654068886577153\">asked<\/a>, \u201cWhy is everyone in this space always so opposed to vetting the most obvious possibilities?\u201d There is no evidence at this stage to support this theory.<\/p>\n<p>OP investors have responded negatively to the update: the token price is down 31.2% over the past 24 hours, trading at $0.76, according to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.coingecko.com\/en\/coins\/optimism\">CoinGecko<\/a>.<\/p>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/optimism-loses-20m-tokens-after-l1-and-l2-confusion-exploited\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Optimism loses 20M tokens after L1 and L2 confusion exploited &#8220; The honeymoon period for the Optimism layer-2 scaling solution has been cut short as an exploit in its market maker\u2019s smart contract led to the loss of 20 million OP tokens. 
The exploit took place May 26 but has only just been reported&#8230;<\/p>\n","protected":false},"author":1,"featured_media":459803,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDYvM2MwNGYwMmMtYTA2Yy00MGZhLThkZWUtM2RhODY5Y2EzZjJkLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74867,74868,95119,95118,75434,70944],"class_list":["post-459802","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-altcoin","tag-defi","tag-layer2","tag-nft","tag-smart-contracts","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/459802","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=459802"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/459802\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/459803"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=459802"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=459802"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=459802"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}