Hacker Returns 90% of Stolen ZKsync Funds for 10% Bounty

In a surprising turn of events, the ZKsync hacker returned approximately $5.7 million in stolen funds after agreeing to a 10% bounty offered by the ZKsync Security Council. The recovery is a notable victory for the ZKsync community, and the hacker's decision to return the bulk of the funds echoes past resolutions in the cryptocurrency space such as the Ronin Bridge hack. However, the native token, ZK, has not benefited from this resolution: market sentiment remains bearish, with a nearly 2% price decline.
On April 15, the Ethereum-based Layer-2 scaling solution ZKsync faced a significant security breach, leading to the compromise of an account controlling upwards of $5 million in ZK tokens. This incident triggered a sharp 16% decline in the token’s market price. The situation escalated further when community members raised concerns about the ZKsync team’s actions post-hack. Allegations suggested that ZKsync might have mismanaged the aftermath, similar to what was seen with Mantra (OM), which heightened worries about the project’s stability.
In a significant development, the ZKsync Association confirmed that the hacker returned 90% of the stolen assets, meeting the safe harbor deadline offered during negotiations to resolve the security incident. The ZKsync Security Council had publicly extended a conditional offer, a 10% bounty, to encourage the hacker to return the stolen funds within a 72-hour timeframe, and the hacker eventually accepted it. The hacker then transferred nearly $5.7 million back in three transactions on April 23. Two transfers were made on the ZKsync Era blockchain: the first sent $1.83 million in Ethereum (ETH) to the ZKsync Security Council's designated address, and the second transferred $2.47 million in ZKsync tokens. In the third transaction, the hacker sent 776 ETH, worth approximately $1.4 million, to the ZKsync Security Council's Ethereum address.
Moving forward, the ZKsync Association is tasked with releasing a comprehensive report detailing the hacking event and the subsequent recovery. Importantly, the hacker followed all instructions provided by the Security Council, and the case was closed without further action. This incident draws parallels to others in the crypto space, like the Ronin Bridge hack, where hackers returned stolen funds for a bounty, demonstrating a potential shift towards cooperative resolutions in the industry. Despite the positive outcome regarding the return of funds, the ZK token has not reacted to the news, declining nearly 2% over the past 24 hours and currently trading at $0.06.
Notably, not every hacker responds positively to a bounty offer. For instance, Bybit recently instituted a bounty program aimed at recovering $1.4 billion in stolen assets, where only partial recoveries have occurred due to various constraints. By contrast, other blockchain ecosystems use bounty programs proactively to enhance security. For example, Cardano's Charles Hoskinson proposed a $1 million bounty aimed at testing the new Lace Paper Wallet's security, while Uniswap recently offered a record-breaking $15.5 million bug bounty targeting vulnerabilities in its v4 core contracts.
In conclusion, while the return of the stolen funds represents a significant win for ZKsync and its community, the bearish sentiment surrounding the ZK token indicates underlying challenges. The hacking incident underscores the ongoing need for robust security measures and the potential effectiveness of incentive-based recovery strategies in the cryptocurrency sector. As the market continues to evolve, stakeholders will be keenly observing how these developments influence both governance and token performance.
