Tolu is a cryptocurrency and blockchain enthusiast based in Lagos. He likes to demystify crypto stories to the bare basics so that anyone anywhere can understand without too much background knowledge. When he's not neck-deep in crypto stories, Tolu enjoys music, loves to sing and is an avid movie lover.
Nomad has announced that it will forfeit 10% of funds stolen via a hack as a bounty, to anyone who returns the remaining 90%.
Crypto company Nomad is offering a 10% bounty to anyone who can recover the $190 million it lost to a recent hack. According to the bridge protocol platform, anyone who returns at least 90% of the stolen sum can keep the remaining $19 million. Nomad also assures that the person who returns the lost funds will be considered a “white-hat hacker” or “ethical hacker”. This implies that such a person, or persons, will be free from prosecution and instead considered a protocol vulnerability ‘tester’. In a statement, Nomad chief executive officer Pranay Mohan explained:
“We will not prosecute white hats. But we will continue to work with our partners, intelligence firms, and law enforcement to pursue all other malicious actors to the fullest extent under the law.”
Nomad further took to Twitter to provide the wallet address it hopes the hacker will return the funds. So far, the crypto bridge has recovered more than $20 million of the stolen funds. Furthermore, Nomad also stated that it is working closely with TRM Labs and law enforcement to locate the rest of the funds.
Recap of Nomad Hack
The Nomad bridge hack occurred earlier in the week on August 2nd, once again reflecting the security vulnerabilities in the crypto industry. According to Elliptic, the Nomad cross-chain bridge hack is one of the largest crypto thefts in history. A Twitter post from the platform read:
“The Nomad cross-chain bridge hack is the 8th largest crypto theft ever. Elliptic has identified over 40 exploiters with the most prolific gaining almost $42m. Wallets used to initiate previous DeFi thefts are among those involved in this exploit.”
Reports state that the Nomad hack became possible following exploitation of the smart contract holding its tokens. In addition, the attack allegedly took place during a recent protocol update. However, in the days after the hack, Nomad refuted claims that it ignored system bugs that allowed the security breach.
Other Addresses Were Involved in Nomad Hack
Soon after the breach, around 41 addresses received $152 million, about 80% of the total stolen funds. This large number of involved addresses makes this hack stand out from many previous bridge attacks. Usually, bridge attacks involve a single attacker.
However, Nomad maintains that white hackers also initiated a significant portion of the hack, hence its recent bounty policy. The interoperable cross-chain bridge stated that these ethical hackers acted in its interest to prevent drained funds from ending up in the wrong hands.
Nomad is a bridge protocol that allows users to swap tokens between blockchains to make various networks interoperable. However, many people consider these bridges some of the weakest links in the crypto sector. According to a Chainalysis estimate, bridges have lost nearly $2 billion worth of digital assets to hacks in 2022.