Beanstalk Farms offers 10% reward plea deal to hackers

On April 18, Beanstalk Farms, a credit-based stablecoin platform that was attacked for about $76 million in crypto, promised a 10% whitehat bounty if the attackers returned the cash.
Beanstalk Farms offers 10% reward plea deal to hackers
Beanstalk Farms offers 10% reward plea deal to hackers

The offer was made public on the company’s Twitter account and conveyed to the attackers the next day via an on-chain message. The exploiters would be required to restore 90% of the stolen funds to Beanstalk Farms’ multi-sig wallet, according to the proposal.

In exchange, the exploiters will be able to keep the remaining 10% as a whitehat bounty, which is a contract made by platforms to compensate those who report security exploits and flaws.

The $76 million exploits, which were first assumed to be over $182 million, were not considered a hack, according to Cointelegraph, because the smart contracts and governance mechanisms used to carry out the transfer worked as expected.

Beanstalk founders Benjamin Weintraub, Brendan Sanderson, and Michael Montoya revealed in a podcast on Monday that design problems “ultimately contributed to its undoing.”

The exploit was carried out using a previously undiscovered flaw in Beanstalk’s governance process, according to a statement released on Tuesday.

The company also said on Tuesday that it has temporarily turned off protocol governance and suspended Beanstalk while it worked on a plan to re-launch with a clear route forward.

Beanstalk’s future plan

On Tuesday, Weintraub returned to the show to discuss the company’s future plans, which involve some form of fundraising.

“Let’s start with what’s the problem. Beanstalk had something like $76 million stolen from it yesterday. Now it needs to recoup as much of that money as possible. It doesn’t need to recoup all of that money.”

Should the exploiter fail to refund the funds, Weintraub proposed a number of options, including giving a newly minted token or slashing its users’ token holdings, known as Pods, Stalk, and Beans. The ERC-20 tokens Pods, Stalk, and Beans are utilized to power the credit-based stablecoin protocol.

Weintraub concedes that the exact framework for raising the funds is still “very much in the air,” but he remains optimistic about the protocol’s long-term viability.

“From our perspective, Beanstalk isn’t going anywhere. Beanstalk Farms isn’t going anywhere. The real question is how much of the $76 million Beanstalk is able to crowdsource. This isn’t the worst place to be in guys.”