The CEO of Wintermute, Evgeny Gaevoy took the responsibility for the way the 20 million OP was moved by the attacker was their negligence.
20 million OP moved by the attacker
In Optimism, a layer 2 rollup Chain for Ethereum, is a separate blockchain that can process transactions, bundle them up and pass them back to Ethereum. It is designed to help scale up Ethereum’s layer 1.
The protocol announces last month to be embarking on an airdropping of the most active members in the Ethereum community.
Read also: XRP-BSC Is Spotted On The BNB Chain Top List: WhaleStat
In the time of rewarding the most active members, Optimism’s team sent 20 million OP tokens to Wintermute two weeks ago in preparation for the much-hyped OP token airdrop as explained by the Optimism team.
The opportunity for the attack showed off when the Wintermute sent a wrong address to Optimism. The money was supposed to be held in a multi-signature wallet belonging to the Wintermute, but on the contrary, the address given was for a wallet on Ethereum into which the tokens were sent.
Wintermute’s attempt to recover the token
According to Wintermute CEO Evgeny Gaevoy, Wintermute sought to recover the funds after observing what had happened but an attacker was faster than the Wintermute by draining the full 20 million OP tokens into the Optimism wallet belonging to the attacker.
Ethereum co-founder Vitalik Buterin’s address receives 1 million OP tokens
The data from Blockchain security firm, PeckShield noticed Wednesday that the attacker sent an additional one million tokens to an address belonging to Ethereum co-founder Vitalik Buterin.
The remaining 18 million tokens remained in the attacker’s wallet at press time. As long as the tokens stay in the attacker’s possession, the attacker will be able to vote on Optimism community governance proposals.
Read Also: Tether (USDT) To Launch On Tezos Blockchain And Hope To Effect Tezos’ Long Term Growth.
CoinDesk has seen no evidence suggesting Buterin or Weiss were involved with the theft of OP tokens.
“We are not sure why they chose not to liquidate all of [the tokens] at once,” Gaevoy said in his statement. “There is hope that it is a whitehat exploit … However we are currently operating under the premise that it is not the case.”