Vinkmag ad

Harmony affords $1M bounty, however is it sufficiently big?

Vinkmag ad

The Harmony layer-1 blockchain venture workforce has supplied a bounty equal to only 1% of the $100 million in crypto stolen from the Horizon Bridge hack final week. 

Harmony tweeted on June 26 that the workforce had dedicated $1 million for the return of the funds that had been stolen from the Horizon Bridge on June 23. It added, “Harmony will advocate for no criminal charges when funds are returned.”

However, issues have been raised that the modest bounty sum might not be sufficient to incentivize the attacker to return the funds.

The Horizon Bridge is a token bridge between the Harmony blockchain and the Ethereum community, Binance Chain, and Bitcoin. The Bitcoin bridge was not affected on this exploit.

Compared to different high-profile exploits this 12 months, Harmony’s bounty provide ranks low. The $10 million supplied to the Rari Fuse attacker in May was 12.5% of the entire stolen. The Beanstalk Finance workforce supplied $7.6 million which was 10% of the entire exploited from the protocol in April.

Harmony’s bounty provide is so low that the crypto dealer recognized on Twitter as Degen Spartan known as it an “insulting amount.” He added, “imagine losing 100m and thinking you’re in a position to lowball for a 1% bounty lmwo these people are just doing performance art to mitigate legal liability.”

In an incident response replace on the Horizon bridge hack on June 25, Harmony founder Stephen Tse tweeted that the hack was not the results of a sensible contract code breach, as a substitute, the workforce discovered proof that personal keys had been compromised which led to the breach of the bridge.

Tse stated that the Ethereum aspect of the bridge had migrated “to a 4-5 multisig since the incident.” The vulnerability of the multisig pockets requiring simply two out of 5 signers was introduced up by a neighborhood member in April, however the subject was not addressed by the Harmony workforce till now.

A multisig pockets is a crypto pockets that requires a number of key holders to approve a transaction. These wallets are generally used at crypto tasks.

As of the time of writing, the Horizon Bridge hacker has not moved the stolen funds into Tornado Cash, an Ether (ETH) mixer, or another anonymizer.

Related: How can crypto cease getting hacked?

Hope just isn’t misplaced for Harmony, as its $1 million bounty just isn’t the smallest proportional to the quantity of funds misplaced. In 2021, the Poly Network interoperability platform was hacked for $610 million. The workforce’s bounty provide of $500,000 was 0.08% of the entire stolen. The provide was rejected, however fortunately the funds had been returned anyway.