Commissions of $ 5.7 million for ETH transfers - what really happened?

By Artur89 | Arthur Crypto 2020 | 16 Jun 2020

On June 10 and 11, an unknown sender paid about $ 5.2 million for Ethereum transactions as a commission, which usually does not exceed $ 0.20. This is the largest commission for the transfer of ETH in the entire history of the cryptocurrency market. On June 12, about $ 750,000 was sent from another wallet to ETH with a commission of 2,310 ETH, or $ 538,000. The crypto community is at a loss what it was. Among the versions: user error, bot failure, money laundering. According to the most plausible of them, with the help of such gigantic commissions, unknown hackers extort money from one of the major exchanges. What scenarios look the most real, how hackers could gain access to funds and why can't just steal them, DeCenter figured out.

Three transactions with a total fee of $ 5.7 million

On June 10, an unknown wallet holder sent 0.55 ETH (≈ $ 133), paying 10 666 ETH for the transaction fee - this is about $ 2.6 million. The reward went to the Chinese mining pool SparkPool. According to ETH Gas Station, the recommended commission for a standard transaction is $ 0.10− $ 0.20, and for an accelerated one - $ 0.15− $ 0.30. Thus, the user should not have spent more than $ 0.30.

On June 11 another 350 ETH (≈ $ 86,000) was sent from the same address to another address with a commission of 10,668 ETH - about $ 2.6 million. This time the transaction was processed by one of the largest Ethereum mining pools - Ethermine.

On June 12, someone sent 3221 ETH (≈ $ 751,000) from another wallet with a commission of 2,310 ETH (~ $ 538,000). Sender and receiver wallets belong to the mining pool MiningPoolHub.

SparkPool was supposed to distribute the received commission between its miners, but he froze the funds and began an investigation of the incident. The pool operator, Bitfly, first announced that it was ready to return funds to the trader in case of error, but after the user did not contact, on June 15, she announced that she would distribute the amount of commission between the miners of the pool according to the picture of the network hashrate at the time of the transaction. The company said that it was approached by several people who pretended to be a sender, but none could provide a signature from the wallet.

This, incidentally, is not the first time that SparkPool takes the side of a mistaken user. In February last year, the user mistakenly paid 2100 ETN (≈ $ 300,000 at the then exchange rate) as a commission and asked the pool to return the funds. SparkPool returned half of the funds to him, and left the rest to the miners.

Ethermine also considers the transaction erroneous and was ready to return the funds to the sender, but, not receiving a response from it, the pool decided to distribute the coins between the miners.

What is known about the wallets of senders and recipients

The identities of senders and recipients are still unknown - none of them declared themselves and did not contact SparkPool and Ethermine for a refund. The first sender’s wallet balance is 16,760 ETH, or more than $ 3.9 million. The wallet was created on June 6, just four days before the transaction with a record commission. Maximum was 46,000 ETH, or more than $ 11 million. Since June 6, more than 9,000 transactions with commissions of less than $ 1 have been made through the wallet - almost one per minute. Such activity makes one doubt that the sender is a regular user.

The wallet of the first recipient is already empty - all funds have been transferred to other wallets, and this happened automatically. The money was sent to the address of the South Korean cryptocurrency exchange Bithumb. However, this does not mean that she owns the wallet - most likely, only an intermediate wallet on the exchange. The address was registered seven months ago.


The second recipient's wallet is also empty. It exists only 50 days. It is noteworthy that on June 11, on the day of receiving 350 ETH, 0.012 ETH was also sent to it from the verified wallet of the OKEx exchange.


In the wallet of the second sender of coins is only $ 4.5.

In the wallet of the third recipient 5948 ETH (≈ $ 1.38 million), and funds are regularly withdrawn from it.


Version of what happened

After the first transaction with a record commission, the crypto community began to speculate about what happened. The information available is not enough to say with confidence, but we have collected the basic versions.

Sender error. Excessively expensive commissions could be the result of a simple oversight. To pay millions instead of a few cents, it is enough to accidentally make a mistake in filling in the data when sending coins or confuse the fields.

The Ethereum user has full control over their commission costs. He can choose its price: the higher it is, the faster the transaction will be processed. So, the user may have wanted to send $ 2.7 million, having paid a commission of $ 100, but accidentally mixed up the fields.

However, oddities in sender wallets, frequent transactions, and the presence of two different wallets make this version unlikely. In addition, earlier in other transactions, the first sender always used the price of “gas” at 60 Gwei, and before this transaction increased it to 500 million Gwei.

“Most likely, it was someone's deliberate intervention,” Alex Svanevik, founder of DAO D5 commented on the situation to Decrypt.

Bot error. This version was one of the main ones after the first transaction. The transactions of the first sender went almost every minute - which means that they are committed by the bot. The practically repeating size of the commission in two transactions, 10,668 ETH, also speaks in favor of this. A malfunction in his algorithm could explain the astronomical commission.

A bot can serve a cold wallet of some exchange or be involved in money laundering - the latter is supported by the regularity and automation of funds transfers. Theoretically, it could be the wallet of some dApp, but there is no smart contract in the description of the transaction.

Money Laundering. However, this may not be a mistake, but a deliberate attempt to launder money. But in this case, the sender must be in collusion with the miners and pools. But, given that transactions fell into different pools used by thousands of miners, and they froze funds, as well as the fact that such large transactions will inevitably attract the attention of the community, this version is unlikely.

The investigation of the Chinese authorities. TrustNodes experts believe that transactions with record fees may be associated with the Chinese authorities blocking local miners' bank accounts due to an investigation into the activities of over-the-counter bitcoin traders accused of money laundering.

Recall that since 2017, trading in cryptocurrencies on national exchanges in China is prohibited. Therefore, traders and miners are forced to resort to over-the-counter services.

Version of hackers and blackmail

The most plausible version so far seems that what happened is a hacker blackmail of one of the crypto exchanges. The likely scenario was put forward by the Chinese blockchain analytic company PeckShield, which led the publication Decrypt.

PeckShield experts do not know exactly how, but most likely, hackers gained access to the hot wallet of one of the crypto exchanges and part of the permissions to send transactions. Perhaps for this they used a phishing attack (fake site or email in order to obtain credentials).

However, a problem arose at this point. The multi-signature technology was used on the exchange server, which provides for the use of several keys to send funds. The hackers did not have the latter and at first they could not do anything. However, they later realized that they could get around protection with a simple trick. Hackers cannot transfer money to their own accounts, but they can send them to certain accounts, marked in the exchange database as reliable (for which only one authorization is needed), and control the price of "gas".As a result, attackers send funds with excessively high transaction fees to the accounts of the exchange. Although they did not manage to withdraw funds directly, but this trick was expensive for the exchange, which gave hackers the opportunity to demand a ransom for the cessation of these actions. Now only $ 3.5 million is left in the wallet instead of the original $ 11 million, which means that the remaining funds have already been burned.

PeckShield experts do not name a specific exchange, but their version looks convincing for the first two transactions. True, it is not entirely clear why the exchange team has not yet regained access to the wallet and has not blocked the withdrawal of funds to any wallets.

But the wallet associated with MiningPoolHub, most likely, was hacked directly. This view is held by blockchain researcher Frank Topbottom. But he believes that this case has nothing to do with the two previous transactions.


Even if the incidents are explained not by a user or algorithm error, but by a targeted hack, they again raise the topic of transactional errors in the blockchain and the irreversibility of transactions.

Transactional errors are not uncommon in the crypto industry, but usually they are not so great. A transaction cannot be canceled in a decentralized blockchain.However, it is possible that blockchain networks should be able to reject transactions if they do not meet any conditions, for example, in the case of obviously too large commissions that exceed the amount of sending. That's right now, the Bitcoin blockchain rejects fees that are too low. A similar mechanism could significantly reduce the incidence of transactional errors.

Usually, the absence of a third party capable of interfering in transactions between two users of the blockchain is considered one of the main advantages of the system. But this can also be considered as one of the main shortcomings of decentralized crypto-asset networks. Irreversibility of operations imposes full responsibility on users for them - in case of an error, funds can be lost forever. However, in the public blockchain, all network data is completely transparent, including the address of the recipient. If the wallet is identified, then the option remains to agree directly to the parties themselves.



How do you rate this article?



We know everything about the world of cryptocurrencies!

Arthur Crypto 2020
Arthur Crypto 2020

Good afternoon, dear subscribers of our blog! In this blog you will find out the latest crypto news, news on the crypto market and all the hot consequences of crypto trading.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.