Crypto Platform Mistakenly Gives $90M To Users, Asks For Refund

In a major blunder, cryptocurrency platform Compound accidentally paid out $90 million among its users.

Shortly after the mistake, the platform’s founder began asking users to return the money—or else they would be reported to IRS, and possibly doxxed, threatened the founder.

Platform upgrade error spills out $90 million

Compound is an Ethereum-based money market protocol that enables users to earn interest or borrow assets against collateral. Lenders can provide assets to Compound’s liquidity pool and start earning compounding interest, with interest rates dictated automatically by supply and demand.

Yesterday, due to an erroneous upgrade process, the decentralized finance (DeFi) platform ended up spilling out Ethereum assets worth $90 million to its users.

Compound’s “Comptroller” contract’s transaction history shows where all the Ethereum tokens went. 

Compound’s founder Robert Leshner urged users who received these Compound tokens in error to return the assets to the platform’s Timelock contract.

Also Read: How PII Data Works In Businesses And Its Advantages

To incentivize users, Leshner stated that for their “white-hat” behaviour they may keep 10% as a reward. 

If you received a large, incorrect amount of COMP from the Compound protocol error:

Please return it to the Compound Timelock (0x6d903f6003cca6255D85CcA4D3B5E5146dC33925). Keep 10% as a white-hat.

Otherwise, it's being reported as income to the IRS, and most of you are doxxed.

— Robert Leshner (@rleshner) October 1, 2021

“Otherwise, it’s being reported as income to the IRS, and most of you are doxxed,” threatened the founder in the same tweet.

And it was this last bit that may have rubbed some users the wrong way.

“Wow… this is just embarrassing – a plea wrapped in a threat, fueled by the lack of privacy,” reacted blockchain engineer Assaf Morami to Leshner’s tweet.

Also Read: How To Check Data Breach And How Can We Prevent It

“This is how to make people who would marginally be willing to help you out for your mistake keep it out of spite,” said tech entrepreneur Ryan Lackey.

I want my money back!

Following the $90-million-blunder, the value of Compound’s native token, COMP dropped by around 13% within 24 hours of Leshner’s tweet. Although, at the time of writing, the value is steadily climbing back up:

Realizing that the original wording of his tweet may not have sat well with many, Leshner revised his tone:

“I’m trying to do anything I can to help the community get some of its COMP back, and this was a bone-headed tweet / approach. That’s on me,” said Leshner.

“Luckily, the community is much bigger, and smarter, than just me. I appreciate your ridicule and support.”

Although, you may be relieved to learn that user funds, supplied assets, borrowed assets, and positions are not impacted by this incident.

“Users don’t have to worry about their funds; the only risk is that you (or another user) receives an unfairly large quantity of COMP,” explains Leshner.

Because the Compound protocol requires a seven-day governance process before any production changes can be made, Compound’s only option at this time is to wait on users, hoping they will return the assets.

It remains yet to be seen how many users who erroneously received the crypto assets would be returning them to Compound. But, the odds look optimistic for the platform.

In two recent cryptocurrency heists, Poly Network’s attackers had returned the $611 million stolen from the DeFi platform. SushiSwap’s MISO platform was also able to recover $3 million worth of coins stolen during an insider attack.

The stark difference being, both of these incidents concerned criminal activity, followed by a successful recovery outcome. Whereas, in Compound’s case, the technical error has left the funds in the hands of honest users who, we hope, will remain honest.