EOS has championed the value of its Recover+ (R+) scheme, also known as R+, following the successful restoration of 2 million EOS tokens that were illicitly obtained. The theft of EOS by a hacker using around 6,000 wallets impacted PayCash, an EOS-native project. The event ended favorably, however, after R+ returned the funds to their rightful owner.
The incident has shone a spotlight on the topic of blockchain asset recovery, showing the delicate balance that stakeholders such as network validators must maintain between decentralization and proactively mitigating crime. In this case, the successful recovery of the 2 million EOS exfiltrated from PayCash appears to have been widely welcomed by the EOS community.
EOS Recovers Reputation and Tokens Galore
The theft of crypto assets is never good news, but every once in a while an unfortunate loss gains a redemptive arc, as was the case with PayCash. The EOS Recover+ team, tasked with combating onchain heists, rode to the rescue, and after an extensive investigation was able to ensure full restitution.
The incident took place in May 2023, but it took considerably longer for the attack to be investigated and the entities behind it identified. There were a number of singular qualities that made the PayCash attack unlike anything else Recover+ had dealt with before on the network, not least because it involved the EOS EVM, where the stolen funds were sent.
Despite breaking new ground for an EOS cyberattack, the satisfactory resolution to the incident has restored trust in R+ and provided further proof that onchain asset recovery is possible without weakening the very qualities that make blockchain so valuable in the first place.
Everything Goes Better Than Expected
On May 6 last year, EOS project PayCash detected a hack that resulted in the loss of almost 2 million EOS, around $1.8M at current prices. While the Recover+ team was swift to respond, there were a number of factors that complicated the investigation. For one, PayCash had no audit in place at that point in time. Then, there was the fact that the attackers had rapidly moved the funds from the EOS main chain to the EOS EVM.
At the point of the hack occurring, there were no provisions in place to remedy this matter, but things improved in September when the EOS EVM underwent an upgrade. This included adding provisions designed to address security vulnerabilities, and from here, R+ and PayCash quickly swung into action.
Reversing the hack called for first demonstrating a solution on the EOS EVM testnet with the aid of leading EOS engineers. It also called for conversations with EOS Block Producers (BPs) whose approval was vital. This led to a proposal to resolve the PayCash hack being submitted on February 21. A few revisions later and the proposal was accepted, resulting in close to 2 million EOS being retrieved from over 6,000 accounts controlled by the hacker. A good ending to a bad mess.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.