SIR.trading offers attacker $100K bounty after losing entire TVL to exploit

After losing its entire total value locked to an exploit, decentralized finance protocol SIR.trading has offered the attacker a $100K bounty to return the remaining funds.

On March 31, Xatarrer, the anonymous creator behind the Ethereum-based platform, made a direct on-chain plea to the hacker.

In the message , they asked the attacker to keep $100,000, which accounts for roughly 28% of the stolen funds, as a “fair share” for finding a critical vulnerability, vowing that no legal action would be pursued if the remaining funds were returned.

Xatarrer said the project was built from scratch over four years with late-night coding sessions and $70,000 pooled from friends and supporters. 

With no backing from venture capital firms, the protocol had grown organically to around $400,000 in TVL before the exploit drained it all. 

“If you keep 100% of the funds, there is no chance for us to survive,” they added.

Xatarrer also acknowledged the skill involved in the exploit, calling the attack “almost beautiful if it wasn’t for all the funds people lost.”

So far, there’s been no response from the attacker. According to Etherscan data, the stolen crypto has already been funneled through Railgun, a privacy protocol that obscures transaction trails.

SIR.trading, also known as Synthetics Implemented Right, was exploited on March 30 , after a vulnerability in one of its core smart contracts led to the protocol’s entire TVL being drained.

The vulnerability was linked to a function in the protocol’s smart contract called uniswapV3SwapCallback, which is part of the Vault contract. According to experts, the vulnerability involved Ethereum’s transient storage, a feature introduced in the Dencun upgrade to help reduce gas fees.

The attacker manipulated the transient storage before the transaction ended, using it to overwrite security data mid-process. This allowed them to trick the contract into accepting a fake Uniswap pool address controlled by the attacker.

Following the incident, Xatarrer said they still hope to rebuild the protocol. In their latest message to the community on X, the founder added that the team had already started “planning” the next steps for the protocol.

The SIR.trading exploit adds to a growing list of crypto security incidents this year. Last month, Starknet-based layer 2 money-market protocol zkLend lost over $9 million worth of Ethereum in an exploit.

February proved especially brutal, with losses from hacks and scams topping $1.5 billion, according to a March 5 report from blockchain security firm Certik.