- The 1inch Foundation has requested community views on reimbursing hack victims
- The reimbursement amount is $768,026 and will be removed from the 1inch DAO’s treasury
- 1inch suffered a supply chain attack in October last year
The 1inch Foundation is seeking community views on whether to withdraw $768,026 from the 1inch DAO treasury to reimburse hack victims. 1inch suffered a supply chain attack in October last year after malicious actors exploited a vulnerability in version 2.0.5 of Lottie Player, a web component powering animations on websites. According to the DEX aggregator, the vulnerability allowed hackers to replace “the aggregation function with malicious code,” leading to the loss of funds.
1inch DAO to Handle Payouts
The reimbursement amount, if approved, will be transferred from the DAO’s treasury to the foundation’s address, which has said it will manage the reimbursement process, including verifying victims. To qualify for compensation, a victim must provide “verifiable proof of funds lost” in the form of transaction hashes. They’ll also be required to provide proof that they reported the loss of funds to law enforcement agencies, complete KYC compliance procedures, and sign a compensation agreement.
The foundation disclosed that funds recovered from the incident will be returned to the DAO’s treasury, and compensated victims will “waive rights to any funds recovered through law enforcement.” It added that the compensation amount will be calculated in USD equivalent at the time of the hack.
Royal Cayman Police Still Investigating
According to the 1inch Foundation, the Royal Cayman Islands Police Service, blockchain investigation agencies, and other collaborators are still investigating the incident. So far, over 60% of the DAO members have supported the proposal, with 36% voting against. The voting is scheduled to end on June 22.
The proposal comes three months after a threat actor returned funds siphoned from the platform in March. It also comes a week after the DEX aggregator announced an upgrade meant to enable smarter and faster trades.
With over 60% of the 1inch community already supporting the proposal, the hack victims are on their way to being made whole again.
