Crypto Developer Offers $2.5 Million Bounty After Sending $25 Million in Tokens to Wrong Ethereum Address
A crypto developer is in a bit of a bind. They accidentally sent $25 million worth of Renzo tokens to the wrong Ethereum address.
Here’s what happened: The developer transferred 7,912 ezETH, a type of liquid restaking token. Each token was worth over $3,400. Instead of sending it to a Safe, they sent it to a Safe Module. Now, those funds are frozen, and the developer is offering a 10% reward—$2.5 million—to anyone who can help recover the money.
The tokens ended up in an Ethereum contract address called ‘CoboSafeAccount.’ The developer has the keys to the wallet, but due to the specific token type and a bug in ERC-20 transaction handling, recovery isn't possible right now. Interestingly, the CoboSafeAccount now holds around $27 million in Renzo Restaked ETH (ezETH). This amount has actually increased a bit because of a recent rise in the price of ether (ETH).
Renzo is a liquid restaking protocol that works with EigenLayer, a layer 2 solution on Ethereum. It allows users to earn Ethereum’s proof-of-stake yield simply by holding ezETH, instead of needing to stake ETH themselves.
Currently, Renzo boasts a total restaking value of $1.6 billion on its platform.
A hacker known as “Dexaran” weighed in on the situation. He pointed out that the issue stems from a security flaw in ERC-20 contracts, one that Ethereum developers have overlooked since 2017. Dexaran noted that the ERC-20 transfer functions lack proper handling protocols. They also have no failsafe defaults or error-handling protocols, which could have prevented the mistake made by the CoboSafeAccount owner.
Dexaran also mentioned that he created the ERC-223 standard, which supposedly offers better transaction handling. He has tried to engage with Ethereum developers about ERC-223, but with little success.
The owner of CoboSafeAccount confirmed that the contract lacks a transfer function.
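The difference between the two transfer styles can be seen in a simplified Python model, added here as an illustration (it is not EVM code and not code from Renzo, Cobo, Dexaran or the original article). It assumes the ERC-223 behaviour of calling a tokenReceived hook on a contract recipient and reverting when the hook is missing; the class names, addresses and amounts are constructed.

```python
# Simplified Python model (not EVM code); all names and amounts are constructed.
class Revert(Exception):
    """Stands in for an EVM revert: every state change in the call is undone."""
class ModuleWithoutTokenSupport:
    """Contract with no receive hook and no function that moves tokens it holds."""
class TokenAwareVault:
    """Contract that declares it can accept tokens by implementing the hook."""
    def tokenReceived(self, sender, value, data):
        self.last_deposit = (sender, value)

class Token:
    def __init__(self, balances, contracts):
        self.balances = dict(balances)
        self.contracts = dict(contracts)  # address -> contract; absent = key-controlled account
    def _move(self, sender, to, value):
        if self.balances.get(sender, 0) < value:
            raise Revert("insufficient balance")
        self.balances[sender] -= value
        self.balances[to] = self.balances.get(to, 0) + value
    def transfer_erc20(self, sender, to, value):
        # ERC-20 style: only the ledger changes; the recipient is never consulted.
        self._move(sender, to, value)
    def transfer_with_hook(self, sender, to, value, data=b""):
        # ERC-223 style: a contract recipient must accept through tokenReceived.
        snapshot = dict(self.balances)
        try:
            self._move(sender, to, value)
            if to in self.contracts:
                hook = getattr(self.contracts[to], "tokenReceived", None)
                if hook is None:
                    raise Revert("recipient contract has no tokenReceived hook")
                hook(sender, value, data)
        except Exception:
            self.balances = snapshot  # roll back, as a revert would
            raise

def demo():
    token = Token({"dev": 7912}, {"module": ModuleWithoutTokenSupport(),
                                  "vault": TokenAwareVault()})
    token.transfer_erc20("dev", "module", 100)  # accepted: tokens now sit in the module
    try:
        token.transfer_with_hook("dev", "module", 100)
        rejected = False
    except Revert:
        rejected = True  # the same mistake is refused and the sender keeps the tokens
    token.transfer_with_hook("dev", "vault", 50)  # hook present, so the deposit lands
    return token.balances, rejected
```

In the model, the ERC-20-style call leaves 100 tokens on a contract that has no way to send them on, while the hook-checked call to the same address fails and changes no balances.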
As of now, many comments on X suggest that the developers at Renzo might be the only hope for the distressed developer to recover the $27 million. Since Renzo owns the ezETH contract, they could potentially update it to allow for fund retrieval. However, this would require cooperation from the developers behind this billion-dollar protocol.
Some commenters proposed offering Renzo the bounty, while others suggested negotiating with them or applying social pressure on the team.
There were also suggestions that the CoboSafeAccount owner could add himself as a delegate and use execTransaction to withdraw the funds if he controls the contract. However, that method hasn’t worked out yet.
The resolution of this issue is still uncertain. Renzo might decide to update their contract to help the developer work around the bug in ERC-20 transaction handling. But it’s also possible that the funds will remain stuck forever.