On December 11, dYdX officially released a post-mortem analysis of the “deposit agent” smart contract vulnerability discovered on November 27. Including what happened, fixes, bug bounties, and compensation for users’ gas fees and stolen funds. For users affected in this incident. The official compensation measures are as follows: User gas fee compensation: Due to this loophole, users have incurred additional gas fees to revoke authorization or retrieve escrow funds.
We will issue 0.0115 ETH to all users who incurred gas fees due to revocation of authorization, and an additional 0.0115 ETH to all users who incurred gas fees due to retrieving escrow funds. Repayment of stolen funds: A total of 206,134.87 US dollars and 1.5 WETH were stolen.
We have fully compensated for these losses. In addition to the disclosure of vulnerabilities. The official thanked and paid a bug bounty of $500,000.