White hat researchers recovered 1,003.62 ETH from a failed 2016 Ethereum ICO, turning flaws in old smart contracts into a reminder that Ethereum's early technical choices can live on for nearly a decade.
The researcher, known as 0xFlorent, said he unlocked ETH from the HongCoin contract after the funds had been locked for nine years. Using the Ethereum price of roughly $1,983 on June 1st, the amount recovered is worth roughly $1.99 million.
The recovery relied on the original HongCoin multisig. The HongCoin contracts still required action from the admin path for the relevant admin calls.
As such, this episode was closer to contract archaeology than conventional exploitation. The same immutable code that preserved the refund failure also preserved the forgotten route around it.
The contrast in the HongCoin case is striking. Ethereum's base layer remained static. With authorization paths still valid and coordinated signatures from the original multisigs, 48 original investors became eligible to claim their funds through a refund mechanism that had been defunct for many years.
How the refund route was interrupted
HongCoin is a 2016 Ethereum project that was described as a decentralized venture fund in its public repository. The token sale failed to meet its funding goal, and investors were supposed to be able to get their ETH back through the contract's refund feature.
The problem lay in the contract's accounting. In the HongCoin source code, refundMyIcoInvestment() checks whether the caller's token balance is greater than tokensCreated. If that condition is true, the refund call fails.
If the check passes, the function zeroes the caller's token balance, clears the related accounting, subtracts that balance from tokensCreated, and pays the refund according to the token balance.
Over time, early refunds shrank the global tokensCreated counter. That left large holders in a strange position: they still had a balance tied to their original payment, but that balance was likely larger than the counter remaining on the contract.
The refund feature then treated them as invalid and blocked the very users it was supposed to refund.
The escape path was also old code. The multisig-restricted management function mgmtIssueBountyToken() adds the supplied amount to the recipient's balance and to bountyTokensCreated.
That path belonged to the management side of the contract, so the original multisig needed to take part. Modern Solidity arithmetic defaults to reverting when an overflow occurs.
Prior to Solidity 0.8.0, arithmetic operations wrapped on overflow unless the developer added their own checks. That old behaviour formed the escape route.
0xFlorent identified a way to use the arithmetic of the management function to reset a holder's balance to a value low enough for the refund check to pass. The result was paradoxical: one old bug helped undo substantial damage caused by another old bug.
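The gate, the shrinking counter and the wrap-around described above, modelled in Python as an added example (not the HongCoin source, and not Solidity): the starting counter that already sits below the sum of balances, the management address, the zero-balance check and every balance are constructed values chosen only to make the sequence visible.

```python
# Constructed model of the HongCoin refund accounting described in the article:
# a refund gate compared against the global tokensCreated counter, and a
# management-only issuance path whose addition wraps modulo 2**256 like pre-0.8
# Solidity. Values and names are made up for illustration, not taken from the contract.
UINT256_MOD = 2 ** 256

class RefundModel:
    def __init__(self, balances, tokens_created, management, checked=False):
        self.balances = dict(balances)        # investor -> token balance
        self.tokens_created = tokens_created  # global counter the gate compares against
        self.bounty_tokens_created = 0
        self.management = management          # address allowed on the admin path
        self.checked = checked                # True models Solidity >= 0.8.0 arithmetic
        self.refunded = {}                    # investor -> refunded amount

    def _add(self, a, b):
        # Pre-0.8 Solidity wraps on overflow; 0.8+ reverts unless marked unchecked.
        total = a + b
        if total >= UINT256_MOD:
            if self.checked:
                raise OverflowError("checked arithmetic reverts on overflow")
            total %= UINT256_MOD
        return total

    def refund_my_ico_investment(self, caller):
        bal = self.balances.get(caller, 0)
        # Gate from the article: a balance above the global counter is rejected.
        # (The zero-balance rejection is an assumption of this model.)
        if bal == 0 or bal > self.tokens_created:
            return False
        self.balances[caller] = 0
        self.tokens_created -= bal
        self.refunded[caller] = bal           # refund paid according to the balance
        return True

    def mgmt_issue_bounty_token(self, sender, recipient, amount):
        # Multisig-restricted path: only the management address may call it.
        if sender != self.management:
            raise PermissionError("only management may issue bounty tokens")
        self.balances[recipient] = self._add(self.balances.get(recipient, 0), amount)
        self.bounty_tokens_created = self._add(self.bounty_tokens_created, amount)

def walkthrough(checked=False):
    """Small holders refund first, the counter shrinks, the large holder is blocked."""
    m = RefundModel({"whale": 600, "a": 300, "b": 300}, tokens_created=1000,
                    management="mgmt", checked=checked)
    assert m.refund_my_ico_investment("a") and m.refund_my_ico_investment("b")
    blocked = not m.refund_my_ico_investment("whale")   # 600 > 400 -> rejected
    # Management wraps the balance down to 50; only possible with pre-0.8 wrapping.
    m.mgmt_issue_bounty_token("mgmt", "whale", UINT256_MOD - 600 + 50)
    return blocked, m.balances["whale"], m.refund_my_ico_investment("whale")
```

With checked=True the same walkthrough stops at the management call with an OverflowError, which is the behaviour a contract compiled with Solidity 0.8 or later would show.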
| Stage | Key details |
|---|---|
| 2016 token sale | HongCoin raised ETH for a venture fund-style Ethereum project but later failed to reach its goal. |
| Refund failure | The refund feature denied large holders once the global token counter fell below their balance. |
| Old admin path | A multisig-restricted function could still change balances using Solidity's pre-0.8 arithmetic behaviour. |
| White hat recovery | 0xFlorent teamed up with the original HongCoin multisig to allow blocked holders to claim their funds. |
| On-chain proof | A May 29 transaction shows a successful refundMyIcoInvestment() call that generates an internal 96 ETH transfer. |
Multisig enables coordinated recovery
Multisig requirements set the boundaries for the HongCoin recovery. The actual recovery depended on cooperation between the researcher and the old control path, because the sensitive path required HongCoin's original management address to perform the relevant calls.
The arrangements were just as important as the code. This recovery involved 41 signed transactions from blocked holders, while another seven small holders were able to get their money back directly without any workaround.
The ICO launched on August 29, 2016 and ended on October 28, 2016, but did not reach its fundraising goal.
On-chain data already shows refund activity. A May 29 on-chain transaction called refundMyIcoInvestment(); an internal transfer of 96 ETH was then made from the HongCoin contract to the investor's address.
The top-level transaction value was 0 ETH because the actual transfer occurred within the contract call.
Those tracking the funds should distinguish between eligibility and completed distribution. The contract state and the multisig action have reopened the claims channel for funds that were inaccessible for many years.
The visible on-chain examples illustrate refund activity rather than giving a complete account of all eligible investor claims.
One should read carefully before generalizing the HongCoin incident to other old stuck funds. The components were unusually specific: discernible contract logic, control that remains available through the original management path, a white hat to make the arrangements, and enough on-chain value remaining to make the effort worthwhile.
The specific details are ownership and permissions. The old function could change the balance, but only the controlled path could call it.
This gives ethical and operational boundaries to the retrieval. External research found a path forward, the original signatories carried it out, and the claims route was reopened for investors.
The same facts also make it hard to generalize this case. Many dormant contracts lack active control keys, a clean set of claimants, or a public path that would enable responsible recovery.
This boundary also reduces the temptation to treat the episode as a broad exploitation template. Although technical mechanisms explain why the refund gate was reopened, the end of this story comes from a combination of old code, surviving permissions, and public funds.
Similar archaeology becomes more dangerous if a contract lacks any of these components, because discovery can then reveal weaknesses before any usable recovery route exists.
Ethereum holds errors and their remedies
Considering the broader history of Ethereum, HongCoin's recovery is more than just a curiosity. A 2025 analysis citing Coinbase's Conor Grogan puts the amount of ETH permanently lost at over 913,111, a conservative estimate that takes into account user and contract-related errors.
This class includes funds sent to unrecoverable addresses, bugs in contracts, and significant historical incidents.
Some of Ethereum's most important early moments were also discussions around recovery. In 2016, after the network's defining governance crisis, the DAO hard fork moved roughly 12 million ETH from DAO-related contracts to a recovery contract.
In 2017, the self-destruct of Parity Technologies' multisig library resulted in 513,774.16 ETH being frozen in 587 wallets.
Those episodes were larger and more politically charged than HongCoin. They still help explain why this small financial recovery resonates.
Ethereum's promise of code and state persistence is both its security property and its memory. It preserves errors, forgotten assumptions, outdated permissions, and occasional remedies whose future relevance was not visible at the time of deployment.
That long memory now stands alongside a mature security culture. In January, Ethereum veterans announced plans to convert the remaining roughly 75,000 ETH from TheDAO Recovery Fund into an equity fund for Ethereum's security.
The HongCoin incident is the same kind of aftermath of Ethereum's initial decisions, although it is playing out on a much smaller scale.
The next test is recoverability. Do other older contracts contain paths that can be used responsibly? White hat recovery requires more than bugs. It requires legitimate control paths, publicly available on-chain evidence, careful disclosure, and ways to avoid turning contract archaeology into an opportunistic attack strategy.
HongCoin shows that some trapped funds may remain held within old logic, waiting for someone to understand both the problems and the permission structure around them. It is a hopeful outcome for the 48 investors currently eligible to claim.
It is also a warning to the rest of the ecosystem. Ethereum remembers faulty code, and sometimes even escape hatches.