$15M of Optimism Tokens Stolen After Wintermute Sent Wrong Wallet Address

Ethereum scaling tool Optimism announced Wednesday that attackers stole $15 million in OP governance tokens.

Optimism intended to send the funds to a crypto market maker, but the funds fell into the wrong hands when the market maker, Wintermute, provided Optimism’s team with a wrong blockchain address.

In a statement Wednesday, Wintermute CEO Evgeny Gaevoy took responsibility for allowing the theft, saying that "we made a serious error.”

The attack followed a difficult couple of weeks for Optimism, whose botched OP token airdrop sent the token’s price tumbling in its first hours. The OP token fell an additional 20% after Wednesday’s news, according to the most recent data from CoinMarketCap.

What happened

In a blog post published Wednesday, Optimism’s team explained that it sent 20 million OP tokens to Wintermute two weeks ago in preparation for the much-hyped OP token airdrop.

The funds came from the Optimism Foundation’s Partner Fund, and Wintermute’s Gaevoy explained that the money – which came as a loan – would have been used to “provide liquidity in the OP token upon its listing on centralized exchanges.”

An opportunity for an attack came when Wintermute gave the wrong wallet address to Optimism. The money was supposed to be held in a multi-signature wallet belonging to Wintermute, but the address provided by Wintermute was for a wallet on Ethereum; it should have been an address on Optimism.

Gaevoy said Wintermute sought to retrieve the lost funds after noticing what happened, but an attacker beat Wintermute to the punch – draining the full 20 million OP tokens into a fresh Optimism wallet belonging to the attacker.

The attacker cashed out one million of the stolen OP tokens into Ethereum and then transferred those funds to an unknown address via Tornado Cash, a tool that allows people to send and receive funds with a scrambled source.

Blockchain security firm PeckShield noticed Wednesday that the attacker sent an additional one million tokens to an address belonging to Ethereum co-founder Vitalik Buterin.

The remaining 18 million tokens remained in the attacker’s wallet at press time. As long as the tokens stay in the attacker's possession, the attacker will be able to vote on Optimism community governance proposals.

The Block reported that the attacker has delegated one million tokens to Ethereum Foundation security researcher Yoav Weiss, meaning Weiss will be able to vote on the attacker's behalf.

CoinDesk has seen no evidence suggesting Buterin or Weiss were involved with the theft of OP tokens.

“We are not sure why they chose not to liquidate all of [the tokens] at once,” Gaevoy said in his statement. “There is hope that it is a whitehat exploit … However we are currently operating under the premise that it is not the case.”

What is Optimism

Optimism is a layer 2 rollup chain for Ethereum – a separate blockchain that can process transactions, bundle them up and pass them back down to Ethereum. It helps to scale Ethereum’s “layer 1” network through quick transactions and lower fees.

The protocol, which has over $350 million in total value locked (TVL) according to DefiLlama, made headlines last month when it announced that it would be embarking on a much-hyped transition to community governance.

As part of its community handover, Optimism planned to airdrop its new OP token to active members of the Ethereum community.

What’s next

After noticing the error, Optimism sent an additional 20 million OP tokens to Wintermute. This time, Wintermute was required to put up $50 million in USDC as collateral.

Optimism’s decision to continue working with Wintermute has drawn the ire of some members of crypto Twitter, as has its decision to hold off on disclosing the attack until two weeks after the fact.

As for how Optimism will handle the stolen funds, it says the decision will be left to its community. Theoretically, the funds can be restored to the Optimism Foundation via a “hard fork,” an irreversible update to the chain's code.

Wintermute, for its part, says it is monitoring the attacker's address and “will proceed to buy OP every time the attacker sells it to make the protocol whole eventually.”

UPDATE (June 9, 15:43 UTC): Updated the article to reflect that the attacker sent one million tokens to Vitalik Buterin and delegated one million tokens to Yoav Weiss.