MakerDAO Team Recovers 63 ETH for Rightful Owner
Engineers for the DeFi DAO have successfully recovered roughly 63 ETH for its rightful owner.
- Last month an unlucky Oasis user unwittingly sent approximately 63 ETH to the wrong address.
- The user assumed the funds were lost forever, but fortunately their plight caught the attention of the MakerDAO team.
- In a remarkable turn of events, the engineering team was able to recover the funds for the owner.
Share this article
After more than three weeks of thinking they had lost 63 ETH forever, an Oasis user was notified that their funds had been returned. The MakerDAO Protocol engineering team was able to return what the user described as “literally everything I had in the world besides my car.”
MakerDAO Makes Things Right
In a mix of engineering ingenuity and genuine concern, the MakerDao Protocol’s engineering team found a way to recover roughly $240,000 worth of lost ETH for its owner.
In a Reddit post from 23 days ago, a user detailed the harrowing experience of sending roughly 63 ETH to the wrong address. In a video uploaded to YouTube after losing the ETH, the user details exactly what they did as a warning to others. According to the user, they simply connected their Metamask wallet to Oasis, switched the network from Ethereum Mainnet to Arbitrum, and deposited the ETH into the DAI token bridge on Arbitrum.
The problem was that the token bridge was only available for DAI—not ETH. Even though ETH might sometimes be used to interact with the Maker Protocol, that was not the case here.
In the same Reddit post, the user ended with:
“This was literally everything I had in the world besides my car. I’m not posting for sympathy, I just want everyone to know so it doesn’t happen to them… I know I’m the one who made the transaction. I take responsibility for that.”
Yet sympathy they got. Sam MacPherson, of the protocol engineering team at MakerDAO, detailed what happened next in a tweet. Since Ethereum addresses are “deterministically generated,” any smart contact address on Layer 2 that has “previously been deployed by a Layer 1 EOA” can be replicated.
An EOA is an Externally Owned Account, which is a normal Ethereum address with private keys, rather than simply a contract account (such as might be used in DeFi contracts). The Layer 2 address the funds corresponded with corresponded to a known Proxy contract on Layer 1, and so the engineering team was able to insert arbitrary smart contract code into the receiving Layer 2 address.
The engineers then used the Layer 1 ProxyRegistry deployment to find the nonce, as the smart contracts need to share the same deploying address and the same nonce in order to deploy on the EOA. They then initiated arbitrary (“self-sends with no call data or value attached”) smart contracts to Arbitrum from the EOA (the user’s ETH wallet) until they got to the desired nonce, which allowed them to deploy the contract they wanted.
As MacPherson concludes: “Once we have the Proxy deployed at the target address we can issue a command to send the ETH back to the original user and voila we recovered the ETH!”
In other words, the engineering team effectively found a way to reverse a blockchain transaction.
Upon receiving the returned ETH, the user updated on Reddit:
“I honestly cannot believe this. As soon as I realized what had happened, I was positive it was gone forever… These guys had no obligation to me whatsoever and yet they still took the time to figure out how to do something that many people, including myself, thought would be impossible.”
It may turn out that “impossible” is only a word, after all.
(Disclaimer: At the time of writing, the author of this piece held BTC, ETH, and several other cryptocurrencies.)