The Fantom Foundation has awarded a $1.7 million bounty to a blockchain security researcher who identified a potential breach that could result in $170 million losses.
The non-profit organization that partakes in the blockchain’s development says it has eliminated likely risks of a hack from a tip it received after it suffered a $550,000 hack in September.
According to the Nov 20 press release, the foundation rewarded the unnamed researcher following a swift review of the security breach that saved the platform $170 million.
The compromised wallet held a major admin token for the Fantom’s ERC20 FTM contract which the bad actors could have exploited for more tokens on Ethereum.
“The risk was mitigated quickly, and in recognition of their contribution, the Fantom Foundation awarded the researcher a bounty of $1.7 million. With the attacker’s access to this wallet, the potential damage could have been $170 million (based on the token price at the time), though this estimate does not consider the market’s insufficient liquidity to absorb the tokens fully,” the statement reads.
Praising the swift work of the researchers, the platform urged the community to continue in its effort to make the project better while pledging to uphold the highest security standards.
“By addressing these weaknesses before they’re exploited maliciously, we ensure a secure platform for both developers and users. As such, the Foundation remains committed to rewarding those who bring network vulnerabilities to the team’s attention.”
Fantom’s hot wallet hack
On Oct 17, the Fantom Foundation was hacked for $550,000 although initial reports placed the figure at $7 million. The foundation commenced an investigation into the incident disclosing that 99% of the funds in the wallet were intact.
pic.twitter.com/gShkT3C9XV
— Fantom Foundation (@FantomFDN) October 17, 2023
While the attack was mostly against the foundation wallet, and employee wallet and not against the network itself which holds $45 million locked in contracts, community users urged the platform to increase and update security checks to protect investors.
On-chain analyst, Spreek placed the total figure of the incident at $6.7 but later explained that there’s a possibility that the figure released includes funds from outside sources and not Fantom.
Fantom Foundation allegedly drained on one of their wallets via a Chrome zero day pic.twitter.com/PhBO2TtsAt
— Spreek (@spreekaway) October 17, 2023
The platform has previously suffered a hack resulting in losses due to an exploit on the multi-chain bridge. Fantom Bridge was the most targeted as the hack on all bridges amounted to $126 million in losses.
“Due to the Multichain hack, Fantom Foundation is issuing an emergency FTM distribution to all users. All users who have interacted with the FTM chain are eligible to claim,” the hackers wrote on X (formerly Twitter).
Blockchain security bounty has often been deployed by several DeFi platforms to incentivize the community toward participating in the network’s protection.