When digital assets are stolen, victims often feel helpless. However, a powerful, albeit unconventional, communication channel exists: the blockchain itself. Through on-chain messaging, parties can negotiate directly on the ledger, a tactic that has led to the recovery of millions in stolen funds.
The Power of Negotiation in Crypto Theft
Data from a 2023 cybersecurity report reveals a significant trend: in the first half of the year alone, 10 major hacking events resulted in the recovery of approximately $219 million out of $232 million stolen, a 94% return rate. In three of these incidents, all funds were successfully returned.
This shift highlights a growing willingness among attackers to negotiate, often spurred by communication through project social media or, more directly, via on-chain messages. This method provides a transparent, immutable, and direct line of communication between victims and perpetrators.
A Real-World Case: Euler Finance
A prominent example is the Euler Finance attack in March 2023, where an attacker exploited a vulnerability to steal nearly $197 million. A week later, the attacker sent an on-chain message expressing a desire to "make it easy for all those affected" and to "reach an agreement."
Euler responded on-chain, offering to discuss terms privately through a secure channel. This public exchange set the stage for negotiations. In a heartening side note, an individual user pleaded with the hacker via a separate on-chain message to return their life savings of 78 wstETH. Remarkably, the attacker sent this user 100 ETH in return.
This case also underscores the risks. Other entities attempted to intercept the communication with phishing attempts, including one masquerading as a decryption request that security experts warned was a scam designed to steal the attacker's private keys.
What Is On-Chain Messaging?
Blockchains like Bitcoin and Ethereum are, at their core, distributed global ledgers. Every transaction and its associated data are replicated across thousands of nodes, creating a permanent and unchangeable record.
While possible on Bitcoin, Ethereum is often the network of choice for messaging due to its lower transaction fees. When you send a transaction, you can include a message in the data field. This message is then permanently etched into the blockchain's history, visible to anyone.
The concept isn't new. Satoshi Nakamoto embedded the first message in Bitcoin's genesis block on January 4, 2009: "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks."
How to Send an On-Chain Message
Basic Method: Unencrypted Messages
Sending a clear-text message is straightforward. The key is to convert your text into a hexadecimal format, which is how data is stored on-chain.
1. Using a Web Interface like MyCrypto:
- Navigate to the ‘Send’ page on a platform like MyCrypto.
- Connect your wallet, enter the recipient's address, and set the amount of ETH to send (this can be 0).
- In the ‘Data’ field, prefix your message with
0xand input the converted hexadecimal string. - Confirm the transaction and pay the associated gas fee.
2. Using a Mobile Wallet (e.g., MetaMask, imToken):
- Initiate a standard transfer to any address.
- Enable ‘Advanced Mode’ or ‘Hex Data’.
- Input your hex-converted message, ensuring it starts with
0x. - Authorize the transaction.
3. Using Etherscan’s Data Input Module:
This tool simplifies the process by automatically converting your plain text into the required hex format, eliminating the need for a separate conversion step.
Advanced Method: Encrypted Messages
For private negotiations, you may need to encrypt your message so that only the intended recipient can read it. This uses public-key cryptography.
How to Encrypt a Message:
- Obtain the recipient's public key, which can often be derived from a previous transaction hash.
- Use a Python library like
eciespyto encrypt your secret message with the public key. - Convert the encrypted output into a hexadecimal string.
- Send this hex string as the data in a transaction to the recipient's address.
How to Decrypt a Message:
- The recipient extracts the hex data from the transaction.
- Using their private key and the same cryptography library, they decrypt the message to read the original content.
This method ensures that even though the transaction data is public, its meaning remains confidential between the sender and receiver.
👉 Explore secure communication tools
Best Practices and Security Warnings
While on-chain messaging is a powerful tool, it must be used with caution.
- Beware of Phishing: The public nature of these messages attracts scammers. Never run unknown software or enter your private key anywhere to "decrypt" a message. Legitimate entities will never ask for your private key.
- Be Professional and Clear: Messages are permanent and public. Maintain a professional tone, state your case clearly, and propose reasonable terms.
- Verify Identities: When possible, verify that you are communicating with the correct address. Attackers or impostors may use similar addresses to intercept communications.
Frequently Asked Questions
What is the main advantage of on-chain messaging?
It provides a direct, transparent, and permanent line of communication with an anonymous hacker. The public record can encourage good faith negotiations and holds both parties accountable to their word.
Can I send a message without spending gas?
No. Including data in a transaction consumes more gas than a simple transfer. Sending a 0 ETH transaction with a message still requires paying a gas fee to miners for processing and storing the data.
Is on-chain messaging completely private?
Unencrypted messages are completely public. Encrypted messages are public but unreadable without the private key. However, the act of sending a message, the involved addresses, and the time are always public record.
What should I do first if my funds are stolen?
Immediately contact the relevant project team and exchanges. They can often freeze assets or provide crucial tracking information. Then, consider a clear, professional on-chain message to open a dialogue if the attacker's address is known.
Are there alternatives to on-chain messaging?
Yes, you can attempt communication through a project's official social media channels or public statements. However, on-chain messaging is the most direct method to ensure a specific attacker sees your communication.
Should I negotiate with a hacker?
This is a complex decision. While negotiation has led to recovered funds, it should ideally be handled by professional security firms or law enforcement who are experienced in these situations and can assess the risks.
A Case Study: SlowMist’s Role in Transit Swap Recovery
Following the October 2022 hack of Transit Swap, where over $28.9 million was stolen, the SlowMist security team was enlisted to assist. They facilitated negotiations with the attacker through a series of encrypted and unencrypted on-chain messages. This professional communication strategy was instrumental in the subsequent return of $24 million in assets by a "white hat" actor.
Broader Recovery Strategies
On-chain messaging is one tool in a broader recovery strategy. If you suffer a theft, consider these steps:
- Notify Authorities: Report the crime to your local law enforcement and relevant financial regulatory bodies.
- Contact Exchanges: Immediately inform the exchanges involved. They can monitor for withdrawal attempts and potentially freeze assets.
- Engage the Community: Share information with the community. Other users may provide valuable intelligence on the attacker's methods or identity.
- Seek Professional Help: Consult with blockchain intelligence and cybersecurity firms. These experts can trace funds, identify attackers, and manage sensitive negotiations.
The best defense, however, is prevention. Use hardware wallets, protect your private keys, verify all transactions, and stay informed on security best practices to minimize your risk of being targeted.