OIP-122 Transfer of 250,000 DAI from OHM bagholders to 3 Watermelons Research

hodlmao

gm
first, I would like to thank @0xwatermelon as he (or they) did a nice job, appreciate your effort ser(s)

second, we are not here to argue about if, but how … whitehat(s) definitely needs to be rewarded, I'm personally for 150k or 250k but with participation from Bond Protocol, at least 50/50.

Rasuki

I am against the suggested amount but I am for paying the whitehat. I think 100K OHM and 33K DAI would be fair.

srkn

I have some questions about the intention of attacker:
If he planned returning the fund at first;
1-why did attacker's wallet 0x443cf223e209e5a2c08114a2501d8f0f9ec7d9be was anonymized over aztec.network?
2-why did he call Zeus "idiot" publicly?

If he is a white hacker, and if there is something called "3 Watermelons Research" why he is cutting tie on twitter with 🍉🍉🍉.eth https://twitter.com/SpaceWigger/status/1554831916066476041 (This tweet was alive a few days ago), because the address doxxed?

…

I believe he realized someone knows his previous doxxed wallet was in touch with the team and this forced him to return the fund.

https://twitter.com/srknoron/status/1585001787396091904

abipup

srkn I don't think any of that is relevant, he's free to call someone an idiot on Twitter if he wants.

If you have proof of malintent then please post that and we can act on it. Otherwise please refrain from posting derogatory speculation here.

cpt_zeke

I will vote no to this proposal.

I do think Watermelon has done everything right and should be compensated. However, it was Bond Protocols contract that was exploited, not Olympus. So the claim should be on Bond Protocol, or at the very least wait until we have clarity from Bond Protocol on how they will compensate Olympus.

A second formality is that treasury funds should not be used for development, research, audits etc. That should come from the Olympus DAO.

tex

Chiming in from Bond Protocol. We do not feel that Olympus governance is the appropriate avenue to resolve a bug bounty with @0xwatermelon. If the expectation is that Bond Protocol is covering the bounty, then the amount should not be decided by external parties. We are pursuing alternative means to compensate the hacker, but we don't have enough clarity to post details publicly.

We are glad that Olympus supports good faith behavior for returning lost funds, but we also think we should be allowed to respond on our own terms. Therefore, we recommend voting NO on OIP-122 pending an update from Bond Protocol.

« Previous Page