More than two months after exploiting TrustedVolumes, a hacker has returned 1,122 ETH, roughly $2 million, while retaining an equivalent amount as part of a negotiated bug bounty. The initial attack in May drained $5.87 million from the 1inch-linked liquidity resolver.

This incident highlights a growing trend in decentralized finance where settlements replace lengthy recovery efforts and legal battles. Instead of chasing attackers through courts or law enforcement, projects like TrustedVolumes are negotiating directly with hackers to recover funds faster.

Details of the Recovery and Settlement

The attacker returned the funds through an Ethereum transaction and kept a similar sum as a reward agreed upon during the negotiations. At the time of the agreement, Ether was valued at approximately $1,843, making the recovered amount close to $2.07 million.

Both parties confirmed the settlement by posting a message on-chain. It stated, “We have finalized the negotiations with the original exploiter.” The message also confirmed that the exploiter received their bug bounty in exchange for returning the stolen assets. TrustedVolumes encouraged any other participants from the attack to come forward by contacting them at support@trustedvolumes.com.

Implications for DeFi Security

This case raises concerns about the precedent it sets for future breaches. Bug bounty negotiations might start to appear as a viable exit strategy for would-be attackers who prefer settlements over prosecution or long asset recovery processes.

TrustedVolumes indicated a willingness to engage in "constructive communication regarding a bug bounty and a mutually acceptable resolution" immediately after the exploit. This approach may help projects recover stolen funds more quickly but also risks encouraging exploiters to rely on bug bounty deals instead of facing consequences.

This material is informational and does not constitute financial advice.