A Bitcoin user claimed to have paid a record transaction fee of $2.1 million for a $3 million Bitcoin transaction. The user argued that 139 BTC was stolen by hackers last week and that the stolen amount was linked to the record transaction fee of 83.65 BTC. To support his claim, the user signed a message with the key that carried out the transaction.
Last Thursday, it was revealed that a Bitcoin user accidentally paid a $3.1 million transaction fee for 83.65 BTC. This record fee was more than six times the previous record $ 500,000 fee paid in September. A person who made the payment and claimed to be the victim of a hacking attack created a new X (former Twitter) account with the username “@83_5BTC” similar to the amount of the fee paid.
Through the X account, the user shared that he created a new cold wallet address, transferred 139 BTC, and the BTC was immediately moved to another wallet address. The user stated that he suspected that someone using that address was running a script that calculated a strange transaction fee. Before the transaction, the wallet balance was 139.42 BTC ($5.2 million) and a fee of 83.65 BTC was paid for the transfer of 55.77 BTC ($2.1 million).
An anonymous developer named Mononaut confirmed the message signed by the user from his Bitcoin wallet address. Jameson Lopp, co-founder and CTO of Casa, also confirmed the signature. However, Mononaut added that if the wallet address was compromised, the message could have been signed by a hacker. The transaction was issued by AntPool in block 818,087, according to blockchain browser Blockchair.
It was revealed that the previous record fee paid in September was determined to be an erroneous payment by crypto service provider Paxos, and F2Pool agreed to reimburse Paxos. It is unknown whether AntPool has made a decision to make a similar deal, but if such a decision is made, another method will be required to verify the identity of the victim.
According to Mononaut, the most likely cause of the record transaction fee of $3.1 million was an insufficiently randomised wallet address, making it vulnerable to hacking attacks. The developer reminded that wallet addresses generated with insufficient randomness should not be used in very large amounts and, if possible, multisig wallet addresses should be used.