Smart contracts have been upgraded in an attempt to prevent a similar incident happening in future, and Know Your Customer checks have been opened to verify those entitled to compensation.
Four months on from a devastating $190 million hack, Nomad Bridge has announced that it's planning to relaunch and offer a partial refund to affected users.
The attack was described as a "free for all," with funds gradually drained in small increments over several hours. Dozens of exploiters had taken advantage of a code error that enabled them to spoof transactions and falsely claim ownership of collateral.
In a blog post, the Nomad team say they have been "working hard on recovering funds and making the necessary updates to safely relaunch."
Smart contracts have now been upgraded in an attempt to prevent a similar incident happening in the future, and Know Your Customer checks have been opened to verify those who are entitled to compensation.
Those who pass the KYC measures through CoinList are going to be given a unique NFT that reflects the type of cryptocurrency they are owed — as well as how much.
Compensation is going to be offered on a pro-rata basis — meaning that, if Nomad manages to recover 25% of the funds that were taken, NFT owners will be entitled to receive 25% of the total funds they are owed. Nomad provided its own example and put it this way:
"If 10% of the total exploited ETH has been recovered, and Alice has an NFT that accounts for 20 ETH (what she originally bridged from Ethereum,) Alice will be able to use her NFT to access 2 ETH."
However, it isn't necessarily going to be this straightforward. USD Coin, Wrapped Ethereum, Wrapped Bitcoin and a plethora of altcoins were stolen back in August — and piecing together where everything went is easier said than done.
"There is some complexity in calculating the total pool of recovered funds for each exploited token because some whitehats returned different tokens than they took in the hack (example: a hacker stole ETH, swapped the ETH for DAI, and then eventually returned DAI)."
At this point, Nomad's victims don't have a way of being able to check exactly how much they will be entitled to — and it isn't exactly clear how much of the $190 million has been recovered. Back in August, about 20% of the stolen funds were sent to an official recovery address that was created for white-hat hackers, with the embattled project offering a 10% bounty.