@leo Have you been in contact with LuttyYang? Were some of his keys compromised or does he know anything about the hack?


@Pioneer Mate - I’d say that $50/hr is quite less for the quality or effort of work that may be needed here.

It should at least be comparable to or more than the rate the governors were offered for their services. In full honesty, you should ask for more (i.e. $75-100/hr) and not less - As the quality of work & assistance improves.

Crypto sleuths deserve more respect for their time to keep the community safe, not less. Give them hell, good sir & thank you for your service.


Harmony better have the bridge exploit thing sorted in less than 7 epochs

Great job @Pioneer! I believe we’re close in busting this/these guys out!

Another possibility is the 1wallet hack that ppl have been mentioning for months now. Thousands of private keys have been stolen and team still didn’t officially confirm this incident.


@Pioneer @RoboValidator I’m Lutty, one of the developers of Harmony Horizon Bridge.

After development of the ERC721 and ERC1155 bridge, we verified it works as expected on mainnet:

  1. Leo sent one token to me (Ethereum Transaction Hash (Txhash) Details | Etherscan)
  2. I locked the token on the bridge (Ethereum Transaction Hash (Txhash) Details | Etherscan)

Amazing work, you are very talented


ok someone needs to say this

DO NOT AWARD @Pioneer with this bounty!!!

give him a full time job !!! he’s a trusted community member, doing far more than he should, he’d be an incredible asset to the core team. just respect the notice period so mtop can find someone who can at least try to replace him


Can you clarify some things? I understand your statement above, but frankly it has nothing to do with what I said. Just want to clear things up and put some names on these addresses.

Please see above: Harmony Villains - #18 by Pioneer

Do you own or know the owner of wallet:

Do you own the contract or know it: 0x478279c5A0beb8401De1b4EaCB4863a243a8e3A3

Do you own Lutty.eth?

Can you address these tx to the Contract Caller (0x812d)?


Can you address this? Very odd to me as well since there were previous transactions months prior.

Great job @Pioneer

I think this is not helping.


are both owners of that MultiSig. So they should be related to Harmony anyways.

Question is more if the keys got compromised and it would have been good to have openly documented that multisig in the first place.

None of the transactions of the bridges exist on Harmony side, for example
0x7605501779951BE669CB2D799C7F0731740EE037BBC8EA735F91859BE290CEB1 for the 43 wrapped ether

0x31CAEC811FC87DB2EBC8210B44A8F27C300A35490B6F160E7470B45ADAF24CB2 for the 13100 Ether Ethereum Transaction Hash (Txhash) Details | Etherscan

Looks to me very similar to the Ronin hack, so compromised keys…

That’s almost certainly what happened. I started this investigation immediately after release and am following up to see about this last wallet. But it looks exactly like Ronin, I shared an article regarding this as well!


Lost 1k on USDC and now Lutty could be mr rogue. Man what a day… I have a lot of respect for that guy…ffs

I really don’t think that it was him, but maybe his wallet interacted with the culprit. It appears most likely that either social engineering or a traditional hack was used in order to sign these assets out of the bridge on the ETH side.


If the keys to the EOAs that control the multisig were compromised, they’d be funded already would they not? There would generally be no need to fund them from an outside source, therefore no on chain evidence in this case. The evidence would be all on Harmony’s physical systems and such I would think.

Seems like Lutty here is having suspicion cast on him for very little reason. A Harmony bridge developer being linked to Harmony’s own multisig accounts (which appear to have had their keys compromised) doesn’t imply anything really.


As much as I agree, I have to at least argue that 100M is enough reason for me to at least look into things and share with the community. I also prefaced my post with the fact that this is all inconclusive. Also, this research was done immediately after the news came out and will be updated accordingly.


It would be a shame if it was true. Only time will tell…

Regardless… awesome work from you, you have my respect

Agreed. I hope Lutty can be eliminated asap from the list of suspects but you cannot ignore the connection…

