- Following the discovery of a security loophole in crypto bridge Nomad’s systems, hackers stole more than $190 million in crypto on August 1.
- Nomad issued a 10 percent bounty for its stolen funds as part of its damage control efforts. Should a hacker return 90 percent of their stolen crypto, they’re entitled to keep the rest. Nomad also promises not to pursue legal action against these ‘white-hat’ hackers.
- In partnership with Metagame, Nomad is now also offering NFTs to remorseful hackers, if they return stolen crypto.
Why it matters
Community reception to Nomad’s announcement has been mixed. If you put yourself in the shoes of one of the thieves that ransacked Nomad’s stores, an NFT with “no utility” wouldn’t be enough to compel you to return hundreds of thousands — if not millions — of dollars in stolen crypto. So why exactly does Nomad think this would sweeten the deal? Because it isn’t always about the money.
As part of Metagame’s efforts to “recognize actions aligned with a communities values both big and small,” they’ve teamed up with Nomad to offer NFTs to white-hat hackers. “We can incentivize actions that benefit the community by recognizing the individuals that take those actions,” Metagame founder Brenner Spear said in a Tuesday tweet.
And, it appears that Nomad and Metagame’s earnest pleas to the cyber-thieves haven’t fallen on deaf ears. According to an August 18 blog post, roughly 20 percent of the stolen funds have made their way back to Nomad. That’s more than $37 million — with much of it coming from the recovery wallet Nomad had set up for hackers looking to make amends.
Cynics may consider Nomad’s strategy of reclaiming its stolen funds as naive, but it isn’t. Nomad’s initiatives speak to a longer-term strategy for ensuring the continued success of Web3. That all starts with building a community centered on trust and goodwill. “We support people doing the right thing even if it’s for the wrong reason, and we hope things like this will encourage more people to do the right thing,” read a statement on Nomad’s whitehat prize website
Of course, Nomad doesn’t depend on ideals alone to resolve this situation. As mentioned in its August 18 blog post, Nomad is continuing its work to compensate users victimized by the hack. As of writing, Nomad is in Phase One of its recovery efforts, and is working with law enforcement and blockchain forensics firms to track down black-hat hackers and stolen funds.
Phase Two is expected to start in mid-to-late September, and will focus on figuring out a few ways to return lost funds to users equitably. Phase Three, slated for some time in the near future, will see the reopening of the Nomad bridge, in addition to providing users with a new option to “unbridge” funds locked up in the wake of the hack.