Deciding to steal $85 million worth of cryptocurrency isn’t something to take lightly.
For the members of the White Hat Group, however, it seemed to be the only move left. On July 19, the loose collection of hackers and cryptocurrency experts were alerted to the theft of $32 million worth of ether — the so-called money unit of Ethereum — and realized that if they didn’t act quickly the losses would spread.
An hour and fifteen minutes later they started hacking.
However, this isn’t your typical cryptocurrency heist story. Because instead of lining their own pockets, the White Hat Group was allegedly taking the money in order to prevent it from getting stolen by a malicious hacker — planning to return the ether to its rightful owners as soon as the vulnerable wallets that allowed the heist could be repaired.
“I’m like Commissioner Gordon and Jordi is like Batman.”
And returned it they have. The group began the process of repatriating the funds on July 24, and as of the time of this writing has sent back approximately $60 million worth. That’s $60 million that just a few days ago was at risk of being stolen and never seen again, but now is back in the metaphorical hands of its owners.
For this, the WHG has been hailed as mysterious heroes by members of the cryptocurrency scene. But the question still remains: Who are they, really? Could the WHG truly just be do-gooders trying to make the world a better place, or is something sinister going on?
For once, this is a story with a happy ending.
A conversation with Mashable suggested the WHG consists of cryptocurrency true-believers trying to do the right thing for a community they hold dear. But, thankfully, that strong sense of purpose doesn’t mean they lack a sense of humor.
“I’m like Commissioner Gordon and Jordi is like Batman,” observed a bearded and smiling Griff Green over video chat.
Green, a well-known member of the larger Ethereum community and founder of Giveth, a smart-contract charitable giving platform, was seated in front of what looked to be an old mattress propped up against a wall. He was joined by Jordi Baylina, a blockchain developer, as he recounted the frenzied moments that followed the realization that hackers had discovered a flaw in a popular Ethereum wallet that left millions of dollars worth of ether vulnerable.
“We didn’t feel like we had much of an option,” explained Green, who, throughout the interview, was careful to use the word “rescue” in place of “steal” when referring to the actions that have gained him and his cohorts such notoriety.
According to Green, when word came in of the initial $32-million theft, he and his Giveth team were just finishing up a meeting. Around nine people were still in the office, and they immediately went to work trying to save what ether they could.
“We started writing scripts so we could empty all of [the vulnerable wallets],” said Green.
But taking the ether wasn’t enough. In order to avert a mass panic, the group had to be transparent about what it was doing. And so while Baylina was coding, Green held down communications — both getting the word out and coordinating help from people all over the globe via Skype and Github.
A call was made with other devs (mew, parity) and the white hats. Cornell students helped compile a list of vulnerable contracts. pic.twitter.com/3vuC8tSkdy
— alex van de sande (@avsa) July 20, 2017
“We were very open and talked to all the people as it was happening,” Green insisted, with Baylina adding that “you have to communicate the thing right.”
Even so, emptying the first account — which contained approximately 47,000 ether (currently worth over $9 million) — was a risk. What if something went wrong and the money was lost? Green wished they had tested the code on a smaller wallet first, but Baylina was insistent that they made the right decision in rescuing the large vulnerable wallets first.
After all, presumably that’s where the unknown thief who sparked this mad dash had his or her eyes set.
And so they drained the wallets, one by one. Shortly thereafter, they posted a message to Reddit under Baylina’s account which explained the entire situation and let worried ether holders know that they’d see their funds again — a promise the group is in the process of keeping.
Importantly, this wasn’t the White Hat Group’s first rodeo. Although the members are spread across the globe and they mostly coordinate remotely, many of them had met in person in Switzerland after a previous attempt at vigilante blockchain justice left them in need of legal protection. In fact, according to Green, this latest hack was their third major operation together.
The White Hat Group’s preexisting notoriety in the Ethereum world certainly aided its members as they put out calls for assistance on July 19, and while those members may have received most of the responses, they weren’t the only ones working to save the day. Both Baylina and Green emphasized that other white hat developers jumped into the fray entirely independent of the WHG’s own efforts.
Baylina called these collected efforts a “sign that this community is growing,” with Green adding that “there’s something special about Ethereum world.” After the White Hat Group’s recent ether rescue and return, that’s a sentiment likely to be shared in the broader Ethereum community — especially now that it’s seen the faces behind the white-hat masks.