June 10 and 11, an unknown sender has paid for the transactions in Ethereum approximately $5.2 million in commissions, which usually does not exceed $0.20. This is the biggest transfer fee of ETH in the entire history of the stock market.June 12 from another wallet and sent some $750,000 in ETN with the Commission 2310 ETN, or $538 000. Cryptologist speculated that it was. Among the versions: user error, a glitch in the bot, the laundering of funds. According to the most plausible of them, with such huge commissions, unknown hackers to extort funds from one of the major exchanges. What scenarios look the most real, as hackers could gain access to the money and why can’t just steal them, understood DeCenter.
Three transactions with a total cost of commissions of $5.7 million
June 10, unknown holder wallet sent 0.55 ETN (≈$133), paying 10 666 ETH for the transaction Commission is approximately $2.6 million Reward went to the Chinese mining pool SparkPool. According to ETH Gas Station, the recommended fee for a standard transaction — $0.10−$0.20, and for an Express — $0.15−$0.30. Thus, the user should not have to spend more than $0.30.
June 11 from the same address was sent another 350 ETH (≈$86 000) to another address with the Commission within 10 668 ETH — about $2.6 million this time transaction processed by one of the largest mining Ethereum-pools — Ethermine.
June 12 from another purse someone sent 3221 ETH (≈$751 000) with the Commission 2310 ETH (~$538 000). The wallets of sender and receiver belong to a mining pool MiningPoolHub.
SparkPool had to distribute the Commission among its miners, but it has frozen funds and began investigating the incident. The pool operator company Bitfly, first announced that it was ready to return the funds to the trader in the event of an error, but after the user has contacted, on June 15 said it will distribute the amount of Commission between the pool miners according to the snapshot can see the network at the time of the transaction. The company said that it asked a few people posing as the sender, but none can provide the signature from the wallet.
Incidentally, this is not the first time SparkPool sides osibisa user. In February of last year, the user mistakenly paid 2100 ETH (≈$300 000 at the then exchange rate) as a Commission and asked for the pool to return the funds. SparkPool returned him half the funds, and the rest is left to the miners.
Ethermine also believes that the transaction is erroneous and was ready to return the funds to the sender, but did not receive a response, Poole decided to distribute the coins among miners.
What is known about the wallets of senders and recipients
Still unknown the identity of senders and recipients — none of them claimed to be and did not SparkPool and Ethermine for the return of funds.
The wallet balance of the first sender — 16 760 ETN, or more than $3.9 million Purse was created on 6 June — just four days before the holding of the transaction record by the Commission. The maximum it was 46 000 ETN, or more than $11 million From June 6 through the purse held more than 9,000 transactions with commissions less than $1 — almost one per minute. Such activity would imply that the sender is a normal user.
Purse the first recipient is already empty — all the funds transferred to other purses, and it happens automatically. The money was sent to the South Korean cryptocurrency exchanges Bithumb. However, this does not mean that the wallet owns it is likely to exchange only an interim budget. The address had been registered seven months ago.
Purse first recipient. Source.
Purse second recipient is also empty. There are only 50 days. It is noteworthy that on June 11, the day of receipt, 350 ETH, he was also sent 0.012 ETH confirmed the purse exchange OKEx.
The second purse of the recipient. Source.
In the second sender’s wallet coin only $4.5.
The purse is the third recipient 5948 ETH (≈$1.38 million) and regularly withdraw funds.
The third wallet of the recipient. Source.
Versions of what happened
After the first transaction record Commission cryptologist began to speculate about what happened. The available information is still insufficient to say with certainty, but we have gathered basic version.
Error senders. Overly expensive fee could be the result of simple oversights. To pay millions instead of a few cents, enough to accidentally make a mistake in filling in data when sending coins or confuse the field. Ethereum the user full control of their expenses on the fee. It can choose its price: the higher it is, the faster will be processed transaction. So, the user may have wanted to send $2.7 million, paying a Commission of $100, but accidentally mixed up the fields.
However, oddities in the wallets of senders, frequent transactions, and the presence of two different wallets make this version unlikely. In addition, earlier in other transactions first, the sender always used the price of «gas» 60 Gwei, and before this transaction raised to 500 million Gwei.
«Most likely, it was someone’s deliberate intervention» — commented the publication Decrypt Alex Svanevik, the founder of the DAO D5.
Definitely a mistake.
I’m expecting EIP 1559 to greatly reduce the rate of things like this happening by reducing the need for users to try to set the fees manually.
— vitalik.eth (@VitalikButerin) June 10, 2020
«Definitely it was a mistake. I expect [update Ethereum] EIP-1559 significantly reduce the frequency of such cases, reducing the need for users to attempt to set the charges manually,» commented Vitaly Buterin first transaction record by the Commission.
Error bot. This version was one of the major after the first transaction. Transactions of the first sender went almost every minute — so does bot. This is supported also virtually duplicate the size of the fee in two transactions — 10 668 ETH. A glitch in the algorithm could explain the astronomical Commission.
The bot can handle the cold wallet of some exchange or be associated with money laundering in favor of the latter by the regularity and automation of funds transfer. Theoretically, this could be a purse of some dApp, but the description of the transaction, there is no smart contract.
Here the sender account does NOT look like an exchange (typically round numbers maybe minus fees) but rather like a dedicated laundering bot sending *exactly* one transaction per minute for quite some time with remarkable precision — keep in mind that the tx needs to be mined in time pic.twitter.com/hnHRvAMfpU
— Sebastian Bürgel | scbuergel.eth (@SCBuergel) June 10, 2020
«Here the account of the sender’s address looks like exchange (they typically round numbers, probably minus the fees). It’s more like a special bot for money laundering, sends exactly one transaction per minute for quite a long time with excellent accuracy — keep in mind that the transaction should be produced on time,» explains his version of the error in the bot’s money laundering Sebastian bürgel, founder Hoprnet.
The laundering of funds. However, this may not be a bug, but a deliberate attempt to launder money. But in this case, the sender must be in cahoots with the miners and pools. But given that the transactions were in different pools, used by thousands of miners, and they froze the funding, and also the fact that such a large transaction will inevitably attract the attention of the community, this version is unlikely.
The investigation of the Chinese authorities. The experts TrustNodes believe that transactions with record commissions can be associated with the blocking by Chinese authorities of the Bank accounts of local miners because of the investigation activities of the OTC bitcoin traders charged with money laundering.
Recall that in 2017 trades with cryptocurrencies on the national exchange in China is prohibited. So traders and miners are forced to resort to OTC services.
Version about hackers and blackmail
While it seems most plausible version of what happened — hacker blackmail one of cripture. Likely scenario put forward Chinese blockchain Analytics company PeckShield, which has led to the publication Decrypt.
Experts PeckShield don’t know how exactly, but most likely, the hackers gained access to the hot wallet of one of kryptomere and part of the permissions to send transactions. Perhaps they used a phishing attack (fake website or email in order to obtain credentials).
However, at this stage the problem occurred. On the server the exchange was used the technology of multipoles that includes multiple keys to send funds. The last of the hackers was not first, they couldn’t do. However, later they realized that they can circumvent the protection by using a simple trick. Hackers can transfer money to own accounts, but can send them to specific accounts that are marked in the database of the exchange as reliable (which require only one authorization), and control the price of gas. In the end, the hackers send funds with excessively high transaction charges on account of the exchange. Although they failed to withdraw money directly, but this trick is costly to exchange, which gave hackers the opportunity to demand a ransom for the termination of these actions. Now the wallet remains only $3.5 million instead of the original $11 million — so the rest of the funds have already been burned.
Experts PeckShield not referred to a specific exchange, but their version looks compelling for the first two transactions. However, it is not clear why the team exchange has still not regained access to the wallet and not block withdrawals for any purses.
But the purse associated with MiningPoolHub is likely to have been hacked directly. This view is shared by blockchain Explorer Frank Topbottom. But he believes that this case is not related to the two previous transactions.
Exchange or other service being hacked: hacker can move the coin but only to a certain list of addresses which are whitelisted (or other unknown constraints)
hence by “tossing” asset exchange might pressure the exchange side to settle with ransom
— Dovey 以德服人 Wan 🪐🦖 (@DoveyWan) June 12, 2020
«The stock market, or another service hacked: the hacker can move the coin, but only in certain wallets that are in the «white list» (or any other constraints). Consequently, this «merging» of assets can put pressure on the exchange that will be forced to pay the ransom,» came to a similar conclusion experts PeckShield Dowie Wang, founding partner PrimitiveCrypto.
Even if the incidents were not due to user error or algorithm, and targeted hacking, they again raise the topic of transactional errors in the blockchain and irreversibility of transactions.
Transactional errors are not uncommon in the crypto industry, but usually they are not so great. To cancel the transaction in a decentralized blockchain is impossible. However, it is possible that the blockchain network must have the ability to decline the transaction if they do not meet any of the criteria, for example, if clearly too large commissions that exceed the amount of the departure. So now the blockchain Bitcoin rejects charges that are too low. Such a mechanism could significantly reduce the transactional errors.
Usually no third party is able to intervene in a transaction between two users of the blockchain is one of the main advantages of the system. But it can also be considered as one of the main disadvantages of networks of decentralized crypto-assets. The irreversibility of the operations impose on the users full responsibility for them — in case of error, the funds can be lost forever. However, in the public blockchain, all data networks are fully transparent, including the recipient’s address. If the wallet is identified, there remains the option to negotiate directly with the parties themselves.