Recovery of Funds - RyanLion

Dear Osmosis Validators & Community,

I’m writing to you after making the biggest mistake of my life that has cost me ~$100K. 4 days ago I was the victim of a phishing scam which has led to me losing the vast majority of my crypto holdings. Usually in such a scenario - the funds are moved quickly off chain and are often unrecoverable by any means. In my scenario - the funds are still on chain, which means that they are recoverable should there be support from Osmosis validators.

What Happened?

For several weeks I had been encountering what appears to be a UI issue with Mars Protocol. When accessing it via https://mars.osmosis.zone/, then switching to the Neutron outpost, I was unable to view the Mars Farms under the Earn tab which I was considering entering. After some troubleshooting I decided to try an alternative web browser. I chose to use Brave browser, which I never usually use. Against my better judgement, instead of ensuring I used verified links to find the Keplr wallet page, I made the fundamental mistake of searching for “Keplr Wallet” and ended up on the site https://keplrwallet.app/ (which was a sponsored ad at the top of the search page) - which is obviously not the correct site for Keplr wallet. I manually entered my seed phrase after selecting “import an existing wallet” and was then routed to the correct keplr dashboard, unaware of the mistake I’d just made. The phishing scammer then had access to my wallet and subsequently transferred ~$100K of crypto tokens from my wallet, the vast majority of which had been held in Mars Protocol on Osmosis in the form of $91.1K USDC. They also took a small amount of liquid OSMO, they used the liquid staking module to steal my staked ATOM, they took some liquid KUJI & KUJI ecosystem tokens I had & a number of high value NFTs from Stargaze.

4 days later all funds still remain on various Cosmos chains in the attacker’s wallets. With the majority sitting on Osmosis.

They performed 3 key transactions on Osmosis:

  1. Removed my USDC from Mars: Mintscan

  2. Sent my USDC to their wallet: Mintscan

  3. Sent the liquid OSMO from my wallet to theirs: Mintscan

The stolen funds now reside in the wallet with address: osmo120r3lwjh2fn0hu80e0gw5fc0tsk6ce3auvc42p

What can be done?

Given:

  1. The stolen funds are still on chain
  2. The size of the stolen funds
  3. My longstanding community presence within Cosmos

I’m appealing to the Cosmos validators to help either freeze this account and/or return the funds to me.

I realize that this is a big ask given the decentralized and immutable nature of the blockchain. However Osmosis is not the bitcoin network and rather than being controlled by millions of nodes spread across the world, the network is ultimately controlled by 150 validators, and if the majority of those validators chose to take action then this account could be frozen and potentially the transaction could be reversed.

There is some recent precedent for such an action when the validators of both Neutron and Terra froze an address that was responsible for a smart contract hack on the IBC bridge where they were able to mint and extract Axelar wrapped assets on Terra. The wallet was frozen in order to protect Astroport token holders given that 50M ASTRO was minted by the attacker.

My question to you is this: Will you stand idly by and allow a hacker to steal funds on Osmosis, knowing that you can take action to stop it? Will you refuse to act whilst one of your own Cosmos natives is financially ruined by a stupid mistake? Is this really the future of finance, is this the spirit of blockchain technology?

I implore the human side of you to at least consider not allowing this thief to prosper whilst you have the chance to stop them. Whilst I’ve contacted law enforcement in the UK it’s unlikely that they will or can take any steps to either prevent funds moving off chain and in the event that they do it’s highly unlikely that they would be able to track the funds to an individual who is likely based in another jurisdiction. I therefore request that justice is brought on chain.

Thank you for your consideration.

3 Likes

I support this, in principle.

I am going to contact you on x.

I am somatic validator now.

note after a day’s worth of thought, I got nowhere. I need to echo the immutability as god stance.

You should probably edit the scam link out of your original post

Past that I have to say I’m really sorry this has happened. I know how awful you would feel about this

Personally Idk what Jacob is talking about above but this would set a horrid precedent for the chain. There are no blockchain police, there are no sets of guidelines or rules or laws to run by for which transaction is large or small enough to warrant intervention, nor is there an appropriate way to investigate these scenarios (from a real world perspective) that would make action at the chain level make any sense. And this is coming from a place of constantly dealing with hacked/compromised wallets/scammed users/etc, it completely sucks every time someone comes in but the solution isn’t going to be this I wouldn’t think :frowning:

This is essentially a good ad for a ledger wallet, if you’re storing more than like twice the cost to buy one I would just say pull the trigger :frowning: seen this happen too often

4 Likes

There are no blockchain police, there are no sets of guidelines or rules or laws to run by for which transaction is large or small enough to warrant intervention, nor is there an appropriate way to investigate these scenarios (from a real world perspective) that would make action at the chain level make any sense. And this is coming from a place of constantly dealing with hacked/compromised wallets/scammed users/etc, it completely sucks every time someone comes in but the solution isn’t going to be this I wouldn’t think :frowning:

so, the way I would attempt to handle it is by identifying others who have been compromised by the same means. The attacker has a registered google ads account, there are ways to hunt.

I think it is a good idea to show absolute hostility to thieves.

I say this, fully understanding all of your points, and I have told Ryan that I’m thinking on method. Unfortunately his assets were sent to a totally fresh account.

The thing that troubles me about all of this is that the individual or groups doing this they are absolutely professionals. That is why there was an ad on Google and that is why the situation is as it is. To be clear, yes, I would consider state modification. That’s not to say that I have a clear plan for it yet, and it’s not to say that it would pass governance.

However, fuck thieves.

So I will think some.

Idk who sent this tx, but it is classy:

There are no blockchain police

Really starting to think that’s a mistake.

If we want to do network states and stuff, that may be necessary.

Keep in mind that none of this means that I have a clear plan at this time, or support state modification beyond “in principle”.

If anything, we need to learn, and need to improve.

of constantly dealing with hacked/compromised wallets/scammed users/ etc, it completely sucks every time someone comes in

this is why I’d even consider any action. It is too much, too often. But you aren’t wrong at all on your commentary. I guess I’d just add that the most prolific thieves are doing this at scale. But you probably already know this.

I wondered if that was another scammer tbh!

1 Like

Definition of wise!

I hadn’t considered this but you’re right to do so.

:cry:

Summary

  • @Kych is not at all wrong. It is dangerous in both directions (inaction and action)

  • @Rose made a very good catch about that transaction that I highlighted, it could absolutely be another scammer.

  • I have asked @TheRyanLion to make a police report, and I have told him that I will try to think about any potential solutions. I’m worried that any potential solution could be much too slow (eg gov and state modification)

  • I am also thinking about the concept of blockchain police, or… Something. To be clear, I agree with @Kych that there are many reasons that doesn’t work.

If nothing else, please consider this me saying that especially in cases where there are professional (mafia) groups doing industrial theft, we gotta figure out something. I know that may not come fast, or maybe, if I think hard and well I can come up with something better than a brute state modification. Idk.

I wish to show absolute hostility to thieves.

I wish to protect our community.

I do not wish to taint the concept of immutability or break the overall way the chain works.

I know that everyone here shares those goals.

1 Like

If there is a clear code change suggested to do this then we can consider it. The tools to truly blacklist this without an upgrade don’t seem to exist on osmosis.

But frankly, it will be hard to convince ~100 validators and the team to orchestrate an upgrade to save 100k USD.

Additionally, we might vote yes for a blacklisting of the funds, not sure we will/can support a removal or changeover of the funds (prop16) style. So even if the proposal goes your way, you might not get your funds back.

1 Like

I’m really sorry for your loss. I agree with kych that this situation sucks, but I’m not sure how this can be determined by validators. This shouldn’t be a judgment call to just freeze accounts and take money from wallets.

I could see a situation in future where scammers try to get validators to take money out of accounts and transfer to their account. How do we verify their story is even accurate and say not them making payment and trying to reverse payment?

Also considering there are a couple recovery services (when it remains in your possession) I have to imagine this happens fairly regularly. We can’t be bogged down with emergency upgrades to reverse transactions every week, all while doing the due diligence required that we aren’t aiding and abetting scammers ourselves. It just wouldn’t be realistic.

Perhaps you could involve the authorities to sort through this.

2 Likes

I am in total support of:

  1. Doing a chain upgrade to lock the account.
  2. Allowing the wallet owner to come forward and make their case (~1 month)
  3. After no public arguments, transferring the funds back to Ryan.

Being on a blockchain and having self-custody over your assets doesn’t mean we should build an ecosystem that makes grifters, scammers and thieves flourish. It shouldn’t be the wild west, and each dollar we lose from the ecosystem in this way will be removed from the ecosystem permanently while also decreasing the users that leave due to getting burnt.

People in Cosmos love bringing up Juno Prop 16, any time the self-custody aspect is touched. An airdrop going wrong and gamed is certainly different to people getting professionally scammed and funds stolen.

Getting funds back shouldn’t be a popularity contest though and this is something that needs to be thought about. There should be a security council reviewing these cases, funded partially by users putting up claims (e.g. flat fee of 1k $ to stop bogus claims)

It needs to be a statement, that Cosmos chains say no to scammers and thieves. We will never reach mainstream, if illegal activity flourishes and we just sit here and say “but Prop 16”.

To clarify - I sent that tx/memo from another wallet - hoping that they would realize they are under scrutiny and consider returning some or all of the funds.

2 Likes

This is truly a horrible situation and I’m really sorry that this happened to you. I also want to say that if the same thing had happened to me, I’d probably be in these forums doing exactly what you’re doing now. Many of us probably would, and I think that anyone who doesn’t support this should at least acknowledge that.

That being said, there are no circumstances in which the Osmosis validators should make state changes to the chain to arbitrate offchain disputes like who is the owner of a particular set of funds. Are validators prepared to accept any civil / criminal liability on the DAO’s behalf in the event that the true ownership of these funds isn’t as it’s been described here?

More importantly, to @Kych’s point, are the validators prepared to arbitrate every case of lost funds moving forward, and upgrade the chain to move private user funds around each time? I understand that in this singular case the affected user happens to be someone whose name is familiar on twitter, but as @0xPhilipp says quite well:

To the point of precedent, Osmosis has already decided a similar issue, and many of the points made in that forum are relevant here. Dropping this here for reference:

Ryan, I’m very sorry that this happened to you. As I said before, I’d probably make this same request if it was me. But in the interest of the chain as a whole, I’d hope the validators would have the foresight and prudence to vote no for any proposal I were to put up if that were to happen.

1 Like

You are not getting my point. There is a significant need to have an external security council that manages these cases.

It is not your decision if something is civil / criminal liable and trying to scare validators. You are suggesting that one action will inevitably lead to extreme consequences without evidence. The same question can be asked the other way around.

Are validators prepared to accept civil / criminal liability for enabling theft on Osmosis. Is the dev team of Osmosis prepared to face charges as they build a system that enables theft of 100ks of $ ?

I want to see a case be won by a thief that thinks he has rights to the stolen funds in traditional courts.

This is a slippery slope you are putting up.

Are we building the next generation financial system or just an ecosystem that enables rugs, theft and grift?

Probably I am arriving here.

@TheRyanLion dude I thought about this, and well, I did not come up with anything. I’m really sorry that my support doesn’t go beyond in principle.

this is where I landed :cry:

I thought about this too – but…

I did not actually find a way where the security council mechanism doesn’t become god of osmosis. And we don’t have gods on Osmosis.

Yeah, I had this thought too.

This would be a dangerous precedent. Soon, we could face thousands of similar cases, and the next step might be governments demanding to block transactions. In such a scenario, blockchains would no longer differ from regular banks.

Moreover, we cannot be sure if the author’s story is true. It is hard to say what kind of evidence validators could receive to verify it, but this also opens the door to potential manipulation.

I’m sorry for your loss Ryan,

The reality is that even if a validator can blacklist an address individually, any other validator without the same blacklist will allow the transaction to go through.
The blacklist will only have an effect on the inclusion by validators of a TX in a block.

This will generate a costly precedent: why would we make an unplanned emergency upgrade to lock a wallet for Ryan and not for any random person who is the victim of a scam? We could make 10 of these upgrades per day.
We are on an anonymous network, are you ready to KYC your wallet? In my opinion, this is the only way to prove you are the wallet owner the day you are scammed.

1 Like
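
The point made in the post above, that a validator-local blacklist only affects which transactions that validator puts into the blocks it proposes, shown as an added Go example that is not part of the thread or of Osmosis code. It assumes a simplified weighted round-robin proposer rotation (ties broken by slice order) and constructed validators A, B and C.

```go
package main

import "fmt"

// Validator is a constructed model entry, not real chain data.
type Validator struct {
	Name     string
	Power    int64
	Filters  bool  // true: omits the blacklisted sender's txs from blocks it proposes
	priority int64 // running proposer priority used by the rotation below
}

// nextProposer advances a simplified weighted round-robin (an assumption of
// this example): every priority grows by the validator's power, the highest
// priority proposes, and the proposer is then charged the total power.
func nextProposer(vals []Validator) *Validator {
	var total int64
	for i := range vals {
		vals[i].priority += vals[i].Power
		total += vals[i].Power
	}
	best := &vals[0]
	for i := range vals {
		if vals[i].priority > best.priority {
			best = &vals[i]
		}
	}
	best.priority -= total
	return best
}

// BlocksUntilIncluded returns the 1-based height of the first block proposed
// by a validator that does not filter, i.e. the block in which the
// "blacklisted" transaction lands, or -1 if none proposes within maxBlocks.
func BlocksUntilIncluded(vals []Validator, maxBlocks int) int {
	if len(vals) == 0 {
		return -1
	}
	set := append([]Validator(nil), vals...) // work on a copy
	for h := 1; h <= maxBlocks; h++ {
		if !nextProposer(set).Filters {
			return h
		}
	}
	return -1
}

func main() {
	// 80% of voting power filters; the transaction is only delayed.
	vals := []Validator{
		{Name: "A", Power: 3, Filters: true},
		{Name: "B", Power: 1, Filters: true},
		{Name: "C", Power: 1, Filters: false},
	}
	fmt.Println("included at block", BlocksUntilIncluded(vals, 100))
}
```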

We are on an anonymous network, are you ready to KYC your wallet? In my opinion, this is the only way to prove you are the wallet owner the day you are scammed.

Unfortunately I think you’re right. I really did want to “do something” and spent the past day trying to figure out what something could be, but I’m coming up empty.

  • if we just move the funds it is prop 16
  • making a blockchain police means giving a small group power over everyone
  • blacklisting doesn’t work for the reasons you mentioned

Nonetheless, I will continue to think on this. Theft is too large of a problem imo.

I swear there’s got to be some way, but I think that the “way” is going to end up being “pre-theft” as opposed to “post-theft”

2 Likes

Abandoning thread. Funds have been moved off chain.

2 Likes

Thanks for the update!

While it is really bad it happened in the first place (sorry for your loss @TheRyanLion) it is good to have this conversation, since it is a very very sensitive subject.

It is indeed a conflict between morals and the basics of blockchain tech. I sincerely do not think that reverting transactions or blacklisting addresses is the solution, because it will be a fight without an end. Creating new addresses takes literally seconds, so outmaneuvering blocks is much much faster than putting up the block in the first place. Plus the majority of stolen funds is moved out immediately, so there is not much to do in that case anyways.

Which brings me to the point where it would be good to add a link to the sites of trusted wallets on the Osmosis apps page (or alike). Right now there is no link to the legit Keplr site for example on the Osmosis website to be found, but it would help if we would link to that site from the ecosystem imo. That way users don’t have to use a search engine with potential scam results, but it can all be linked from our trusted (and controlled !!!) front-end, which might lower the exposure for scammers.