The Cohesion layer-1 blockchain project team has supplied a bounty equal to correct 1% of the $100 million in crypto stolen from the Horizon Bridge hack last week.
Cohesion tweeted on June 26 that the team had committed $1 million for the return of the funds that were stolen from the Horizon Bridge on June 23. It added, “Cohesion will advocate for no criminal costs when funds are returned.”
We commit to a $1M bounty for the return of Horizon bridge funds and sharing exploit details.
Contact us at firstname.lastname@example.org or ETH take care of 0xd6ddd996b2d5b7db22306654fd548ba2a58693ac.
Cohesion will advocate for no criminal costs when funds are returned.
— Cohesion (@harmonyprotocol) June 26, 2022
Nonetheless, concerns delight in been raised that the modest bounty sum might perchance merely now not be sufficient to incentivize the attacker to advance the funds.
The Horizon Bridge is a token bridge between the Cohesion blockchain and the Ethereum community, Binance Chain, and Bitcoin. The Bitcoin bridge used to be now not affected by this exploit.
Compared to varied high-profile exploits this year, Cohesion’s bounty provides ranks low. The $10 million supplied to the Rari Fuse attacker in May per chance well used to be 12.5% of the total stolen. The Beanstalk Finance team supplied $7.6 million which used to be 10% of the total exploited from the protocol in April.
Cohesion’s bounty provides is so low that the crypto trader identified on Twitter as Degen Spartan known as it an “insulting amount.” He added, “have faith shedding 100m and thinking you are in a keep to lowball for a 1% bounty lmwo these folks are correct doing performance paintings to mitigate pleasing liability.”
— 찌 G 跻 じ Goblin of the (@DegenSpartan) June 26, 2022
In an incident response update on the Horizon bridge hack on June 25, Cohesion founder Stephen Tse tweeted that the hack used to be now not the end result of a natty contract code breach, as a different, the team came across evidence that deepest keys were compromised which resulted in the breach of the bridge.
1/ An incident response update on the Horizon bridge hack
Confidentiality is needed to defend integrity as segment of this ongoing investigation. The omission of announce details is to present protection to gentle data within the interest of our crew.
— stephen tse s.one stse.eth (@stse) June 26, 2022
Tse mentioned that the Ethereum facet of the bridge had migrated “to a 4-5 multisig since the incident.” The vulnerability of the multisig wallet requiring correct two out of 5 signers used to be introduced by a crew member in April, however, the problem used to be now not addressed by the Cohesion team until now.
A multisig wallet is a crypto wallet that requires multiple key holders to approve a transaction. These wallets are regularly ancient at crypto initiatives.
As of the time of writing, the Horizon Bridge hacker has now not moved the stolen funds into Tornado Money, an Ether (ETH) mixer, or any varied anonymizer.
Hope is now not misplaced for Cohesion, as it is $1 million bounties is now not the smallest proportional to the number of funds misplaced. In 2021, the Poly Network interoperability platform used to be hacked for $610 million. The team’s bounty provide of $500,000 used to be 0.08% of the total stolen. Theirs provide used to be rejected, but happily, the funds were returned anyway.
Disclaimer: This article is for informational capabilities only. It is no longer an immediate offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any merchandise, services, or companies. We no longer provide funding, tax, neatly suited, or accounting advice. Neither the corporate nor the author is guilty, straight or no longer straight, for any injury or loss precipitated or speculated to be precipitated by or in connection with the usage of or reliance on any insist, items, or services mentioned in this text.