After Prisma Finance fell victim to a hack on March 28 that resulted in an $11 million loss, the hacker has made some surprising demands. This individual identifies as a white-hat hacker, meaning an ethical hacker who discovers and fixes bugs, and says they are willing to return the stolen funds under certain conditions.
The hacker’s demands have stirred controversy within both the wider DeFi community and Prisma Finance’s community. The hacker is requesting that the team hold an online press conference where they openly disclose their names, apologize to users and investors, and commend the hacker for helping them address the security breach. The basis of this criticism is that Prisma failed to identify the vulnerability that was exploited in the hack. Acknowledging this publicly could serve as a warning to others in the DeFi industry.
In response to the hack, Prisma Finance has temporarily halted protocol operations while conducting an analysis of the incident. They have identified a vulnerability resulting from inadequate input validation on a specific smart contract function, which they plan to rectify. Their primary concern at the moment is recovering investors’ funds and relaunching the protocol once it is deemed secure.
The hacker’s actions, including transferring over 2 million in ether to the address of the blockchain mixing service Tornado Cash, have raised speculation about their motives. Tornado Cash is known for obfuscating cryptocurrency transactions, and using it contradicts the hacker’s claim of being a white-hat hacker. This has led to concerns among Prisma Finance users, with one user on the platform’s Discord suggesting that the hacker may be torn between beneficial and malicious activities.
This incident highlights the ongoing security challenges in the DeFi sector. While negotiations with hackers are not entirely unprecedented, this case presents unique challenges that go beyond conventional mitigation strategies. It also raises the question of whether it is ethical to publicly commend a hacker for their actions.
As the situation unfolds, the DeFi community is watching to see whether the handling of this incident will establish a standard for addressing security breaches in the future. The case of Prisma Finance and the hacker raises ethical and strategic questions, with broader implications for ensuring security, transparency, and accountability in the ever-evolving DeFi landscape.