DeFi Protocol Tender.fi Hacker Returns $1.6M Following Chainlink Oracle Glitch

A white hat hacker who targeted DeFi protocol Tender.fi has returned $1.6 million that was stolen on Tuesday, receiving a 62.15 ether ($85,000) bug bounty instead.

The attack occurred after Tender.fi upgraded its price feed to relay data from a Chainlink pricing oracle as opposed to a time-weighted average price (TWAP). The code, which was audited by PeckShield, contained an error and returned a number with too many zeros behind it. This meant the attacker was able to deposit one GMX token, worth around $70, effectively tricking the system into allowing infinite borrows, according to a postmortem published on Tender.fi's Medium page.
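The class of error described above, a price carrying the wrong number of decimal places, can be caught by normalizing the feed answer explicitly and comparing it with an independent reference before it is used to value collateral. The sketch below is an added example, not Tender.fi's or Chainlink's code; the function names, the 8-decimal feed, the 18-decimal internal precision, the 20% deviation bound, the 50% collateral factor and all sample values are assumptions constructed for illustration.

```python
TARGET_DECIMALS = 18   # assumed internal fixed-point precision
BPS = 10_000           # basis points in 100%

class PriceRejected(Exception):
    """Raised when an oracle answer fails a sanity check."""

def normalize(raw_answer: int, feed_decimals: int) -> int:
    """Rescale an integer oracle answer to TARGET_DECIMALS fixed point."""
    if raw_answer <= 0:
        raise PriceRejected("non-positive oracle answer")
    shift = TARGET_DECIMALS - feed_decimals
    return raw_answer * 10**shift if shift >= 0 else raw_answer // 10**(-shift)

def guarded_price(candidate: int, reference: int, max_dev_bps: int = 2_000) -> int:
    """Accept candidate only if it is within max_dev_bps of an independent reference."""
    if abs(candidate - reference) * BPS > reference * max_dev_bps:
        raise PriceRejected(f"price {candidate} deviates too far from {reference}")
    return candidate

def borrow_limit(collateral: int, price: int, collateral_factor_bps: int) -> int:
    """Borrowable value (18-decimal USD) for collateral given in 18-decimal units."""
    value = collateral * price // 10**TARGET_DECIMALS
    return value * collateral_factor_bps // BPS

# Constructed sample data, not taken from the incident.
RAW_ANSWER = 7_000_000_000   # $70 reported by a feed with 8 decimals
REFERENCE = 695 * 10**17     # $69.50 from an independent source, e.g. a TWAP
ONE_TOKEN = 10**18           # one collateral token in 18-decimal units

def demo():
    """Return (correct limit, limit under mis-scaled price, guard rejected it?)."""
    good = guarded_price(normalize(RAW_ANSWER, 8), REFERENCE)
    inflated = normalize(RAW_ANSWER, 0)   # adapter configured with the wrong decimals
    try:
        guarded_price(inflated, REFERENCE)
        rejected = False
    except PriceRejected:
        rejected = True
    return (borrow_limit(ONE_TOKEN, good, 5_000),
            borrow_limit(ONE_TOKEN, inflated, 5_000),
            rejected)

if __name__ == "__main__":
    print(demo())
```

With the wrong decimals the same single token supports a borrow limit eight orders of magnitude larger, and the deviation guard is what stops that price from reaching the lending logic.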

After extracting $1.6 million from the protocol, the hacker left an on-chain message: "It looks like your oracle was misconfigured. Contact me to sort this out."

Tender.fi reached out and agreed to pay the white hat hacker a 62.15 ether bug bounty.

(By Oliver Knight)
