Poly Network also proposed giving “Mr White Hat” a $500,000 “bug bounty” to return the hacked cryptocurrency, as well as inviting them to work for the company.
“Poly Network no intention of holding #mrwhitehat legally responsible and cordially invites him to be our Chief Security Adviser. $500,000 bounty is on the way. Whatever #mrwhitehat chooses to do with the bounty in the end, we have no objections,” the company tweeted.
A bug bounty rewards “friendly” hackers who demonstrate security vulnerabilities in a company’s systems or software, while “White Hat” is a term for someone who hacks for ethical reasons.
Poly Network said that the hacker did not accept the bounty but may give it to the technical community who have worked on blockchain security.
The platform publicly revealed the huge hack on 10 August and asked for the money to be returned to them.
That process began the next day with the money being slowly returned to the company, which said that it had seen all but $33m in frozen Tether coins given back.
But more than $200m of the funds was left by the hacker in a locked account that required a password to access it, which they still have not received.
“We have made constant efforts to establish an understanding with Mr. White Hat and genuinely hope that Mr. White Hat will transfer the private keys as soon as possible so that we can return full asset control back to the users at the earliest,” the company said on Twitter.
And they added: “Again, it is important to reiterate that Poly Network has no intention of holding Mr. White Hat legally responsible, as we are confident that Mr. White Hat will promptly return full control of the assets to Poly Network and its users.
“As we have stated in previous announcements and encrypted messages that have been made public, we are grateful for Mr. White Hat’s outstanding contribution to Poly Network’s security enhancements.”
The hacker later said that they took the money “to keep it safe” after spotting a bug and that they intended to show Poly Network’s vulnerability.
The firm says that it has now created a patch to fix the security issue.