In brief

  • Two mysterious transactions resulted in more than $5 million in fees being mined between two different mining pools,
  • The Ethermine pool will distribute the massive payout to hash contributors following a four-day hold to allow the sender to claim their ETH.
  • The other outsized fee, mined by SparkPool, is still on hold pending an ongoing investigation.

It looks like more than $2 million worth of ETH will go unclaimed.

After waiting four days, Austria-based blockchain innovation company Bitfly will distribute the proceeds of an Ethereum transaction sent with a fee of more than $2.4 million. 

The transmission was one of a pair of transactions broadcast last week spending a total of more than $5.2 million in fees, raising speculation of a major undetected bug in a seldom used smart contract, or financial blackmail carried out by hackers.

The frozen transaction was initially validated by Ethermine, a mining pool managed by Bitfly. The benign hold may have ruffled some feathers among contributors to the pool—Bitfly was careful to clarify that the executive action was a one-off, and will always distribute the full block reward as outlined in their payout policy going forward.

Discussions following the first high-fee transaction on June 10 worth nearly $2.6 million focused on potential bugs in a transaction triggered automatically. A second, similarly disproportionate transaction sent the following day, however, forced observers to consider other possibilities. The June 10 transaction was mined by SparkPool, whose investigation is ongoing.

Following the second high-fee transaction, China-based blockchain analysis firm PeckShield published a report indicating the mysterious transactions could be the result of partially unsuccessful hackers thinking on their feet. The research claims an undisclosed cryptocurrency exchange had credentials compromised in a phishing attack. 

Unable to drain the funds to their own address due to multisig wallet protections, the information nevertheless enabled the intruders to make transactions to a small list of whitelisted addresses. From there, the hackers broadcast the transactions in question in an effort to secure a ransom from the exchange on the threat of additional wasteful sends.

With the release of the Ethermine fees, it seems like the mystery will have no quick resolution. Bitfly noted that while a number of individuals came forward to claim the fee, none were able to sign transactions from the sending account to prove their control of the private keys. 

We may only get an answer following a successful Sparkpool investigation, or if the poor soul who controls the account decides to come forward and tell his story.