- ZKsync recovered $5.7M after the hacker accepted a bounty and returned funds on time.
- The hacker exposed an airdrop code to mint 111M ZK tokens but complied within the 72-hour window.
- Governance will decide the final use of the recovered assets now with the Security Council.
In a dramatic move, ZKsync has successfully recovered nearly $5.7 million in stolen tokens after a hacker accepted a bounty and returned the funds. The recovery followed a safe harbor offer made by the ZKsync Security Council on April 21. The bounty gave the hacker 72 hours to return 90% of the stolen assets in exchange for immunity and a 10% reward.
The security breach happened on April 15 during ZKsync’s token airdrop event. The hacker exploited a vulnerability in the sweepUnclaimed function of the airdrop contract, which enabled the minting of 111 million unclaimed ZK tokens, valued at $5 million at that time.
The attack came to light after the ZKsync security team identified a compromised admin account, and further investigations revealed that the incident was connected to the airdrop distribution contract, and no additional ZK tokens can be minted from this contract. Following the attack, the ZK team sent a bounty message to the hacker to resolve matters amicably.
After the offer was made, the hacker responded positively, and on April 23, two large transfers were made on the ZKsync Era blockchain. The first was $2.47 million in ZK tokens, and the second was $1.83 million worth of Ether. Thirteen minutes later, another 776 ETH, worth about $1.4 million, was sent to the Security Council’s Ethereum address.
However, the returned amount exceeded the original figure due to token price increases. Since the breach, ZK tokens rose by 16.6% and ETH by 8.8%, based on CoinGecko data. Presently, the recovered assets are now in the custody of the ZKsync Security Council, and the governance will decide how the funds will be used or redistributed. The Security Council stated that the case is resolved and thanked the community members for their support.
Related: Hacker Loses $5.4M ETH to Phishing Scam After zkLend Heist
ZKsync Era is an Ethereum layer 2 protocol using zero-knowledge rollups to batch transactions off-chain, reducing fees and improving the speed. According to DeFiLlama data, the protocol currently holds $59 million in total value locked. Also, based on data from RWA.xyz, ZKsync supports over $2 billion in real-world assets on-chain. The recovery adds confidence to the protocol’s security measures and governance response process.
Despite the recovery, the ZK token price remained mostly flat. In the last 24 hours, the token has dropped 4.07%, exhibiting minimal response to the news. A complete report about the incident is currently under development for final presentation, and public release of the ongoing investigation and related assessments will be shared when the investigation concludes.
