The Nomad bridge was hacked by a mob of users who basically copy-pasted a line of code to repeat an already working exploit. This has created a unique situation and perhaps the first crowd hack in the history of decentralized finance. While this is somewhat amusing the consequences are dire. Now that the smoke has settled it becomes clear that $190 million were stolen during the incident. This is not only crushing for the team behind Nomad but also devastating to the reputation of the broader crypto community.
But not all hope is lost. How much was returned of the funds and what kind of consequences are the thieves facing?
Some users tried to protect Nomad
From the very early hours of the exploit, it was clear that not all users were exploiting the protocol for their own gain. Some users immediately gave feedback on social media and claimed that they took funds into custody for Nomad and are about to return what was taken. Others even left messages on the blockchain to prove their good intentions.
It seems that so far over $36 million in crypto have been returned to Nomad. Of course, this is still only a fraction of what is gone but it clearly shows that folks who are into crypto are not a stealing mob looking for an opportunity to monetize on somebody’s faulty code.
Users who like to return funds are being asked to send coins or tokens that they stole to this address:
A 10 % reward is offered
Some people might have taken custody of funds and are still thinking about what to do with them. Nomad had a brilliant idea to make the choice easier for everybody who hasn’t returned the money yet. If the funds return, the returnee won’t face any legal charges and is allowed to keep 10 % of what he made. The only thing that they have to do is send 90 % back while enjoying anonymity.
This might seem like a bad deal at first glance but is in fact really sweet. Blockchain analysis has become pretty good and it will be hard for many users to hide the origin of their funds. That being said, they might end up in a situation where those funds become useless since they cannot trade them on any exchange except when using a DEX.
In conclusion, they get to keep 10 % without any further hassle or legal trouble. Punishment for hacking the protocol could be harsh in some countries and avoiding jail and having money is way more attractive.