phone, communications

Bitfinex is now seeking to strike a deal with the hacker who stole $65m in bitcoin from the exchange back in August.

The latest twist in the ongoing story comes nearly three months after Bitfinex lost roughly 120,000 BTC in the breach. The exchange was offline for days before restoring service and eventually electing to pursue a novel (and controversial) way to spread the loss among exchange users.

Representatives of Bitfinex explained that while previous bounties had been offered for information on the theft, the Hong Kong-based company had not made any direct overtures to the hacker or attempted to establish secure communications.

In a blog post today, Bitfinex did just that, setting up an email address and PGP key which were set up on a public key server, while also offering instructions on why it believes the technical tools would enable the hacker to securely contact the exchange.

Previously, Bitfinex had offered to give 5% of the value of the stolen bitcoins to anyone who provided information that could lead to the recovery of the funds.

Bitfinex chief strategy officer Philip Potter told CoinDesk:

“We wanted to offer clear instructions on how to communicate should the hacker feel there might be a better [or safer] way of getting paid at some fraction of the original theft amount.”

As for how this affects attempts by Bitfinex to work with authorities, Potter was less clear, declining to comment. The exchange had previously revealed it was cooperating with the FBI and undisclosed European authorities following the hack.

Bug bounty

On the size of the bounty, Potter was also not able to provide exact details, though he did suggest Bitfinex is willing to negotiate any final terms with the hacker.

“We are open to any arrangement that maximizes recovery for our customers,” Potter explained. “We will consider any [and] all arrangements to that end.”

Potter also spoke to what he saw as the value of the deal given that Bitfinex believes the stolen funds have not been exchanged or sold, and that doing so would be difficult given their public visibility on the bitcoin blockchain.

The funds, if received, could go a long way toward helping Bitfinex recover from the theft.

Potter said the funds will be used to purchase the BFX tokens and Recovery Right Token (RRT) issued to investors as compensation for the breach. (More details can be found in an extended blog post for investors here).

According to company blog posts, roughly 2.5% of the outstanding digital IOUs issued to consumers have been so far redeemed.

Market boost

If returned, the funds could also give a boost to the bitcoin market as a whole.

For example, market analysts believe the massive reduction in market supply has had an adverse effect on interest and sentiment, while at the same time reducing exchange liquidity.

In the past few months, the bitcoin market has also provided evidence to these claims, rising and falling sharply on what analysts suggest could have been single outsized trades.

Notably, the price of bitcoin has traded largely sideways since the incident, with data indicating that has not yet recovered above its 31st July value of $654.98.

Phone image via Shutterstock

Leave a Reply