The major crypto exchange Coinbase unexpectedly made a $1 million profit amid a hack but has not yet refunded the victims. The incident occurred when Curve Finance was hacked in July, resulting in financial losses for multiple parties.
Coinbase (unintentionally) profiteered from the hack
During the attack on Curve Finance, a fee of 570 ethereum (ETH), then worth $1.06 million, was paid to an Ethereum validator. This validator, in turn, was operated by Coinbase, according to Alchemix, one of the affected parties. Although Coinbase has $1 million worth of stolen ETH in its possession, this money has not yet been returned to the victims. How did Coinbase come into possession of this money?
But would you believe me when I said that of all companies, @coinbase REFUSES to give back over $1m of the stolen funds?
So insane! Read 👇
— ogle (@cryptogle) September 15, 2023
The attack on Curve disrupted the way asset values were determined temporarily. During this chaotic period, a trading bot noticed a rare opportunity to make substantial profits. It used a trading strategy called Miner Extractable Value (MEV) for this purpose. To ensure that this favorable transaction went through quickly, the bot paid a significant fee of 570 ETH to a validator on the Ethereum network.
Validators play a crucial role in keeping the Ethereum network operational. It was Coinbase, a major Ethereum validator, that received this payment. Most of the profits from the transaction went to the validator, while the hacker himself only retained 43 ETH from the action.
Notably, the hacker, under pressure, returned most of the loot to the affected parties. However, Coinbase has so far refused to refund the profit it gained as a result of the hack. According to Alchemix, Coinbase has stated that there is no legal obligation to compensate anyone. Coinbase has not yet commented on this matter.