A temporary compensation plan for token holders and investors impacted by one of the largest exploits in DeFi history has been revealed by a cross chain decentralized finance (DeFI) protocols after a devastating hack.
The Interim Compensation Plan has been announced by EasyFI and which is a multistage process and which entails IOU tokens, immediate payments and incentive programs that is directed at victims of the attack.
However, with $6 million in stablecoins and 2.98 million EZ tokens worth upwards of $120 million lost at the time of the attack, the hack, which took place 19 April, is considered to be among the largest in DeFi history
After exploiting the protocol they owned upwards of 30% of the supply of EZ tokens and there was limited liquidity with which to unload them and which reveals that the hacker was a complicated position. Rendering the attacker’s remaining tokens effectively worthless, the token “hardforked” to EZ 2.0 a week later
The hack was the result of a “targeted attack on the founder’s machine/metamask to access admin keys and execute the well-planned hack, according to Ankitt Gaur, the founder of EasyFI.
A 2020 hack on the personal computer of Hugh Karp, the founder of Nexus Mutual, who lost $8 million, is quite similar to this recent attack.
The theft may have been the result of lax security practices, in that a single individual was in possession of the keys to the treasury, as opposed to being secured in a wallet with precautions against this type of hack such as a multisignature scheme or timelocked transactions, according to an expert.
In their compensation plan blog post, EasyFi characterizes the attack as “well-planned” and “sophisticated.”
Regardless of the cause, the efforts to compensate victims is multifaceted. Per their post, 25% of lost funds will be distributed to users “immediately” in the form of stablecoins, while the remaining 75% will be distributed as “IOU” tokens. The IOU tokens will have “25% discount on spot price of EZ at the time of distribution,” and be redeemable for EZ v2 tokens on a 1-to-1 basis. Hack victims will also reportedly be the recipients of future airdrops from unspecified partners and have access to other incentivized programs still in development.