Nomad Bridge Hack Bounty and FAQs

Update: Nomad Bridge Hack Bounty

Nomad is announcing an up to 10% bounty to Nomad Bridge hackers where Nomad will consider any party who returns at least 90% of the total funds they hacked to be a white hat. Nomad will not pursue legal action against white hats. Funds must be returned to the official Nomad recovery wallet address: 0x94a84433101a10aeda762968f6995c574d1bf154.

Please be wary of impersonators and other scams.

Nomad is continuing to work with its community, law enforcement and blockchain analysis firms to ensure all funds are returned.

FAQs

Am I safe from civil liability or criminal prosecution if I retain 10% of the funds I took?

• Nomad will not pursue any legal action against white hats.
• Nomad will also identify you as a white hat to any third parties who may be considering legal action.
• Nomad is working closely with law enforcement and will advocate for no criminal charges when white hats return funds.

How does this work?

• Anyone who returns at least 90% of the total funds they took will be considered a white hat. White hats can also choose to return the full amount.
• Funds must be returned to the Nomad official recovery address as ETH/ERC-20s
• If you have already returned funds, and would like to connect with us, please contact us via recovery@nomad.xyz.

How should I return funds?

• Funds must be returned to the official Nomad recovery wallet address. Details may be found at these links.
• https://twitter.com/nomadxyz_/status/1554679735006859264
• https://web.anchorage.com/anchorage-nomad
• Please return the funds from the wallet addresses that took part in the hack.

How can I contact Nomad to better coordinate the return of funds?

• Send an email to recovery@nomad.xyz.
• Contact us via twitter at https://twitter.com/nomadxyz_
• Join our discord server at https://discord.com/invite/RurtmJApqm

Why did it take so long to put out the bounty?

• Given the unprecedented number of decentralized parties involved, coordinating amongst everyone was a complex process. We wanted to make sure we put the bounty out in the right way, so we took some additional time to make sure we considered the complexities due to the nature of the hack.