Decentralized finance (DeFi) platform Jimbos Protocol has made the difficult decision to offer a public bounty of $800,000, equivalent to 10% of the exploited funds, after an unsuccessful attempt to negotiate directly with the hacker who recently exploited the platform. The decision comes after the hacker ignored the deal proposed by Jimbos Protocol to return 90% of the funds in exchange for the hefty payday and threats of prosecution. But the question remains: is offering a public bounty the right way to deal with such situations, or does it only encourage future attacks?
On May 28, approximately 4,000 Ether (ETH) worth around $7.5 million at the time was stolen from Jimbos Protocol. The hacker took advantage of the lack of slippage control on liquidity conversions to exploit the app-based DeFi platform. The team behind the exploited protocol attempted to negotiate with the hacker and offered 10% of the exploited funds as a bounty alongside the threat of prosecution if the funds were not returned.
After the hacker did not respond, the protocol decided to extend the bounty offer to the general public. This move aims to garner information that may help catch the exploiter or recover the lost funds. Moreover, Jimbos Protocol is now cooperating with a law enforcement agency specialized in blockchain cybercrime investigations.
While this particular situation might paint a bleak picture with the unresponsive hacker, it’s worth noting that other bounty negotiations in recent history have had more success. For instance, the Euler Finance team recovered 90% of hacked funds after offering a bounty of $19.6 million. Similarly, a lending protocol called Sentiment managed to recover 90% of its funds from a hacker, thanks to offering a 10% bounty.
The main conflict arising from these occurrences is determining whether it’s appropriate for crypto projects to negotiate with hackers. The ethical implications of this practice are a subject of debate among experts and enthusiasts alike. Offering public bounties might be seen as an incentive for hackers to continue exploiting vulnerabilities in the hope of a payday if caught, while others argue it’s a necessary measure to ensure the affected users do not suffer the loss of their assets.
In conclusion, the move by Jimbos Protocol to offer a public bounty brings forth multiple angles of consideration, and the pros and cons of this type of action are
Source: Cointelegraph