In an exceptional turn of events, ZKSync, the decentralized finance platform, has announced that it has managed to recover over $5 million worth of tokens that were stolen by a hacker. In an unusual show of compliance, the hacker accepted a bounty of 10% of the stolen assets and returned the remaining 90% within the platform’s 72-hour “safe harbor” window.
The successful recovery was announced by ZKSync on April 23rd. The cryptocurrency platform stated that the hacker cooperated fully, returning the stolen tokens within the stipulated timeframe. The recovered assets are now under the control of the ZKSync Security Council, which will determine their future disposition.
The breach occurred on April 15th when a compromised admin key allowed the hacker to mint approximately 111 million ZK tokens, equivalent to around $5 million. These tokens were minted from unclaimed airdrop reserves. In its investigation, ZKSync found that only three specific airdrop contracts were affected by the security vulnerability, with core protocol systems and user funds remaining untouched.
ZKSync also reassured its user base that the exploit did not have the potential to create an unlimited number of tokens. The platform clarified that all distributor contracts involved were already capped, meaning that no new tokens could be minted using this vulnerability. Throughout the ordeal, user funds, core contracts, and governance were all kept secure.
Following the hack, ZKSync proactively reached out to the hacker on April 21st, offering a unique deal: return 90% of the stolen funds and keep 10% as a bounty. Concurrently, Matter Labs, which is currently the only sequencer for ZKSync Era, implemented transaction filtering to block any activity from the compromised addresses.
Because the stolen tokens are directly linked to governance, such centralized control measures were feasible during the Stage 0 rollout phase of ZKSync Era. However, the ZKSync team has emphasized that such filters could be lifted at any point based on governance decisions.
Remarkably, the hacker abided by the deal, returning nearly 45 million ZK tokens and over 1,700 Ethereum (ETH) to addresses controlled by the ZKSync Security Council. This recovery is a rare victory in a sector where many hacks remain unsolved and culprits go unaccountable. A final investigation report from ZKSync is expected to be released soon, shedding more light on one of the more unusual cybercrime resolutions in recent times.