Users with funds stuck on the multi-chain token bridge provided by Allbridge are first in line to receive compensation under a recovery plan posted by the project following a recent exploit.
In an April 5 statement, Allbridge said it has already started a compensation process for users despite only “partly recovering funds” after it was hacked for roughly $573,000 on April 1.
“We will start with the bridge users whose transactions got stuck in pending due to the emergency shutdown,” Allbridge said, adding it will then compensate its liquidity providers (LPs).
“We aim to fully compensate those victims of the exploit with funds available to us,” it wrote.
It noted that it enabled LPs the ability to withdraw funds on April 2, with the majority withdrawing their assets from the pool. Some, however, were able to withdraw even more “due to the pool’s disbalance.”
Others were unable to withdraw “a reasonable amount” from the liquidity pool due to other users withdrawing more than their original balances and the impact of the hack on the pools.
An application form is currently being drafted for LPs who were unable to withdraw their assets, allowing them to apply for compensation and provide details of their losses.
The form is anticipated to be completed within the next two days, with the compensation process expected to commence next week, starting with users who “have used the bridge shortly before the shutdown.”
“All the affected parties by the exploit will be subject to additional rewards in the future, but compensation remains our main priority.”
The compensation plan comes after Allbridge tweeted on April 3 that 1,500 BNB, worth approximately $465,000, was returned to the project following a public proposal made to the hacker in an April 1 tweet.
The protocol’s exploiter seemingly accepted Allbridge’s offer of a “white hat bounty,” where they could keep a portion of the stolen funds in exchange for an assurance that no legal action would be taken.
Meanwhile, Ethereum-based noncustodial lending protocol Eurler Finance announced on April 4 that following successful negotiations, it recovered most of the $196 million stolen in a March 13 flash loan attack.
The attacker managed to steal millions worth of Dai, USD Coin, staked Ether (StETH) and wrapped Bitcoin (WBTC) in the largest hack of 2023 so far.