Bybit asks DAO to return fees earned from hack transactions

Bybit onfirmed it was behind a proposal requesting that decentralized finance (DeFi) protocol ParaSwap return fees earned from swaps conducted by the Lazarus Group using digital assets stolen from the exchange.

On March 4, a proposal was posted on ParaSwap’s decentralized autonomous organization (DAO) forum asking to freeze and return 44.67 Wrapped Ether (wETH), worth almost $100,000, to a wallet address.

The proposal initially attracted skepticism, with several DAO members calling for verification before advancing the proposal. Bybit shared a verification post on its official X account on March 5, confirming that it was behind the proposal to return the funds.

The move to return the funds triggered a debate among DAO members, with many considering the future implications of a potential return of the fees.

ParaSwap community highlights potential implications

DeFi researcher and ParaSwap DAO delegate Ignas posted on X, highlighting a dilemma placed upon the DAO.

Ignas said the DAO profiting from the hack is “bad optics” and that returning it would show support for another industry player. He added that keeping the funds may attract regulatory scrutiny and legal headaches.

However, he also warned that issuing a refund would set a dangerous precedent for DeFi:

“Code is law. The DAO earned the fees legitimately via smart contracts. And if funds are returned now, what about future cases? Sets a dangerous precedent.”

The ParaSwap delegate also said this may have implications for ThorSwap, which the hackers used to convert stolen funds into different crypto assets. By Feb. 27, the THORChain swap volume exploded past $1 billion as the Bybit hackers used the protocol to swap digital assets.

By March 4, THORChain had generated $5 million in fees, and its volume had reached $5.4 billion. Bybit hackers used the protocol to convert fees. If Bybit pursues a similar refund request from THORChain, the exchange could recover significantly more funds.

Cointelegraph reached out to Bybit for comment but did not receive an immediate response.

Related: $1.5B crypto hack losses expose bug bounty flaws

Bybit proposal ignites ParaSwap debate

DAO member SEED Gov outlined three possible courses of action: returning the full amount, refusing the request, or negotiating a structured return that includes keeping 10% as a bounty, in line with Bybit’s existing bug bounty program.

The community was split, igniting a debate within the ParaSwap DAO forum. Some community members said that the funds should be returned. Others said they could arrange a structured return of the funds if they could keep the 10% bounty and secure the elimination of any future liabilities for the DAO.

On the other hand, some ParaSwap DAO members were against returning the funds to Bybit. A community member said that ParaSwap would “damage its reputation” if it agreed to return the funds.

Another DAO member pointed out a similar situation in 2013 when a protocol asked ParaSwap to refund fees after hackers used the protocol to swap assets. The DAO member highlighted the decision not to refund the processing fees at the time, adding that “there is no reason to rule it otherwise this time.”