Jump Crypto and Oasis have reportedly been able to transfer (reclaim) $225 million of the over $300 million stolen in the Wormhole exploit in 2022. As a result, Oasis managed to transfer 120,695 wsETH (wrappedETH) and 3,213 rETH (Rocket Pool ETH) under Jump Crypto’s wallet control, per court orders.
The Sender has reportedly managed to make the Oasis contracts permit moving the collateral and debt from the vaults of the Exploiter into the vaults of the Sender. Per Oasis, the court had requested the assistance. Oasis also states a Whitehat group flagged a vulnerability in the design of the multi-sig access of the admin.
Sharing the update, Chinese reporter Colin Wu tweeted:
Breaking: Jump Crypto has recovered the 120,000 ETH stolen during the 2022 Wormhole exploit. The Sender tricked the Oasis contracts into allowing it to move the collateral and debt from the Exploiter’s vaults into the Sender’s own vaults. Oasis said the assistance was requested…
— Wu Blockchain (@WuBlockchain) February 25, 2023
Wu also stated “MakerDAO’s smart contracts are not controlled by the Oasis frontend smart contracts.” The transactions altering Maker Vault 30100’s ownership reportedly do not involve either of MakerDAO’s official smart contracts, added Wu.
Explaining the situation, MakerDAO tweeted:
In light of the recent transactions concerning Maker Vault 30100 and the Oasis frontend, it is noteworthy to explain the distinction between MakerDAO, the Maker Protocol, and third-party frontend providers to clarify MakerDAO’s involvement.
— Sky (@SkyEcosystem) February 25, 2023
1/ pic.twitter.com/8EwZkjp6H7
Oasis states in its official statement, What occurred on 21st February 2023 was only possible due to a previously unknown vulnerability in the design of the admin multisig access.
We stress that this access was there with the sole intention to protect user assets in the event of any potential attack.
Oasis reportedly “received an order from the High Court of England and Wales” to ensure “retrieval of certain assets involved with the wallet address associated with the Wormhole Exploit on the 2nd February 2022.”
Oasis states to have initiated all the required activities “in accordance with the requirements of the court order, as required by law, using the Oasis Multisig and a court authorised third party.” Oasis also confirmed “We retain no control or access to these assets.”