A Bitcoin user has made a startling claim about paying a record transaction fee of $3 million for a $2.1 million Bitcoin (BTC) transaction. The user says they are the victim of a hack. They claim that last week a hacker stole 139 BTC from them, a theft linked to the record transaction fee of 83.65 BTC ($3.1 million). To support the claim, the user signed a message with the key that executed the transaction.
“I Paid the $3.1 Million Transaction Fee”
Last Thursday, it was revealed that a Bitcoin user had accidentally paid a transaction fee of 83.65 BTC, worth over $3.1 million. This record fee was six times higher than the previous record of $500,000 paid in September. A person claiming to be the payer and the victim of a hack created a new X (formerly Twitter) account with the handle “@83_5BTC”, which resembles the fee amount paid.
The user described the incident via the X account, stating, “I created a new cold wallet address, transferred 139 BTC, and the BTCs were immediately moved to another wallet address. I suspect someone ran a script from that wallet address which calculated a strange transaction fee.” They said that an 83.65 BTC fee was paid for the transfer of 55.77 BTC ($2.1 million). The balance of the wallet before the transaction was 139.42 BTC ($5.2 million). The user added, “The 55 BTC are gone forever. A decision is pending for the 83.5 BTC.” They signed a message from the Bitcoin wallet address stating they are “@83_5BTC, the owner of the wallet address that paid the high transaction fee.” The signature was verified by Mononaut, an anonymous developer behind the Bitcoin explorer Mempool. Casa’s co-founder and CTO Jameson Lopp also confirmed the signature.
However, Mononaut added that if the wallet address had been compromised, the message could have been signed by a hacker. A valid signature shows only that the signer holds the private key, not who the signer is. According to the blockchain explorer Blockchair, the transaction was mined by AntPool in block number 818,087. The previous record fee of $500,000 paid in September was later identified as an erroneous overpayment by crypto services provider Paxos, and F2Pool agreed to refund Paxos. It is not yet known whether AntPool will make a similar agreement, but if it does, another method will be needed to verify the victim’s identity. A community member known as “niftydev” claimed to know the person behind the @83_5BTC account and asserted they were the owner, not the attacker. AntPool has not yet commented publicly on the transaction, and The Block’s request for comment has gone unanswered.
Wallet Address May Have Been Created with Insufficient Randomness
According to Mononaut, the most likely reason for the record transaction fee of $3.1 million was a wallet address created with insufficient randomness, which left it vulnerable to attack. The transaction was processed quickly using a Bitcoin protocol feature called replace-by-fee (RBF), which allows the sender to increase the fee of an unconfirmed transaction so that the network processes it faster.
The developer suggested that if a wallet address was created with insufficient randomness, multiple hackers could be competing to steal the funds, and to block their competitors, they may have configured scripts to spend a significant part of the transaction as a high fee. Mononaut later pointed out that the transaction fee paid was exactly 60% of the stolen total of 139.42 BTC, and that a potential attacker had also swept 0.001 BTC from the same address by paying a fee of 0.0006 BTC. The developer said that this, combined with the speed of the theft, could be reasonable evidence of an automated script set to pay a fixed 60% of the value as a fee when stealing BTC sent to vulnerable wallet addresses. This 60% fee could have replaced an initial fee of 51% of the transaction, which could have come from a different hacker or been part of the same strategy.
Mononaut added, “This serves as a reminder not to take shortcuts with insufficient randomness and ideally use multisig (multi-signature) wallet addresses for very large amounts.”