Exploiter Could Walk Away With Unparalleled ~$50M Bug Bounty

Mango Madness season is here, and March Madness has passed. The Solana-based lending protocol has been a spectacle unlike any other throughout this week, and that’s certainly saying something considering the amount of antics crypto brings to the table on frequent occasion. Since our first covering of Mango’s exploit that led to a full-fledged drain of the protocol, things have only gotten more twisted and convoluted.

Let’s take a look at how things have developed this week and where things go for Mango Markets moving forward.

A Mango Monstrosity

Mango’s exploiter has generally been seen in the crypto community as less “hacker” and more “manipulator,” if we’re being frank. Regardless, things got interesting after Tuesday’s exploit when the attacker initiated a governance proposal; that proposal is said to have closed. Mango Markets drafted a new proposal, which was approved by the attacker. This is meant to be a bug bounty for users, and it leaves Mango with $70M, or just under $114M, of their current balance. That leaves the exploiter with a nearly $50M ‘bug bounty,’ a strikingly large number compared to any previous bug bounty in crypto and one that has led to a large degree of criticism (look no further than the governance proposal’s comment section for evidence of this).

The exploiter quickly deployed the MNGO tokens that they seized (roughly 30M tokens) to vote in favor of their own initial proposal, but did not seem to vote on the subsequent and closing proposal – which nonetheless closed at a tally of 473M in favor and 16.6M against. The exploiter has seemingly gained protection through the proposal as well, as the protocol “will not pursue any criminal investigations or freezing of funds once the tokens are sent back as described,” according to the proposal’s language.

Mango Markets (MNGO), is seeking stable ground in order to assess if recovery after Tuesday's exploit.Source: MNGOUSD at TradingView.com | Source: MNGO-USD on TradingView.com

What’s Next

It’s hard to say where we go from here, and what degree of protection that attacker will actually see. According to reports, the exploiter funded attacks accounts using an FTX wallet. Their degree of protection can only be speculated.

Regardless, even when you deduct the initial $10M balance that the exploiter introduced into Mango, the protocol is generally giving up a heftier sum then usually seen in these scenarios – one of the largest in crypto’s history, in fact. We’ll see if the protocol can keep the heartbeat alive and shut down critics in the long run.

Featured image taken from Pixabay. Charts taken from TradingView.com
This content was not written by or associated with the mentioned parties. This content is not intended to be financial advice.
The views expressed in this op-ed are those of the author and do not necessarily represent the opinions of Bitcoinist. Bitcoinist supports financial and creative freedom.

Get more Crypto News at CFX Magazine