USD 2 million of an Ethereum contract trapped for nine years is unlocked

  • The funds were blocked since 2016 due to a bug in the contract’s reimbursement function.

  • It is the second recovery of this type that the researcher has announced in eight days, by his own account.

About 1,000 ether (ETH), currently valued at USD 2 million, that had been trapped since 2016 in the smart contract of the failed ICO of the HongCoin project were unlocked by the on-chain researcher and developer known as 0xflorent, as he himself posted on X this May 31. The project’s 48 original investors can now claim their funds for the first time in nine years.

HongCoin was a funding project launched in 2016 through an ICO (an initial coin offering, the mechanism by which a project sells its own tokens to investors in exchange for cryptocurrency before launching its product). The project did not reach its fundraising goal, so the contract had to automatically return the deposited ETH.

A bug in the refund function prevented that from happening: the contract rejected any withdrawal whose amount exceeded an internal counter, which years of partial refunds had reduced to 356, limiting each withdrawal to a maximum of 3.56 ETH. The remaining funds were frozen.

Post on X about a cryptocurrency operation on the Ethereum network. More than USD 2 million was recovered from an Ethereum smart contract. Source: 0xflorent / X.

How did the funds come out after nine years?

0xflorent found the way out in an administrative function of the contract that had a programming defect known as an integer overflow (a flaw in which an arithmetic operation exceeds the maximum value a variable can store, producing an unexpected result that can be used to alter the contract’s logic). Calling that function with a specific value reset a holder’s token balance to one, which allowed the refund check to be passed and the funds to be withdrawn.
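The two mechanisms described above, the refund cap that strands balances and the unchecked 256-bit arithmetic that lets a value wrap around, can be modelled in a few lines. The following is an added illustration written for this article, not the HongCoin contract or any code published by 0xflorent: the ledger, its cap and the `admin_add` function are hypothetical, and the sample deposits are constructed. It models EVM `uint256` semantics in Python so that the unchecked behaviour of pre-0.8 Solidity can be placed beside the checked behaviour that Solidity 0.8 and later (or the SafeMath library) enforce by reverting.

```python
"""Toy model of EVM uint256 arithmetic and a capped refund function.

Constructed illustration for this article. It does not reproduce the
HongCoin contract; the ledger, its cap and the admin function are
hypothetical. It shows how a cap check can leave part of a balance
unreachable, and how 256-bit arithmetic wraps silently when unchecked
(pre-0.8 Solidity) but reverts when checked (Solidity >= 0.8 / SafeMath).
"""

UINT256_MAX = 2**256 - 1


class Revert(Exception):
    """Stands in for an EVM revert: the call fails and state is left untouched."""


def wrapping_add(a: int, b: int) -> int:
    """Unchecked addition: the result is taken modulo 2**256, as in pre-0.8 Solidity."""
    return (a + b) & UINT256_MAX


def wrapping_sub(a: int, b: int) -> int:
    """Unchecked subtraction: 0 - 1 wraps around to UINT256_MAX."""
    return (a - b) & UINT256_MAX


def checked_add(a: int, b: int) -> int:
    """Checked addition: reverts instead of wrapping (Solidity >= 0.8 semantics)."""
    result = a + b
    if result > UINT256_MAX:
        raise Revert("arithmetic overflow")
    return result


def checked_sub(a: int, b: int) -> int:
    """Checked subtraction: reverts on underflow instead of wrapping."""
    if b > a:
        raise Revert("arithmetic underflow")
    return a - b


def reverts(fn, *args) -> bool:
    """True if fn(*args) ends in a Revert; lets callers assert on failure paths."""
    try:
        fn(*args)
    except Revert:
        return True
    return False


class RefundLedger:
    """Hypothetical refund contract with a shrinking cap, in two arithmetic modes."""

    def __init__(self, deposits: dict, cap: int, checked: bool = True):
        self.balance = dict(deposits)
        self.cap = cap  # internal counter that every refund reduces
        self.add = checked_add if checked else wrapping_add
        self.sub = checked_sub if checked else wrapping_sub

    def refund(self, holder: str, amount: int) -> int:
        """Return `amount` to holder, but only if it does not exceed the cap.

        Once partial refunds have driven the cap below a holder's balance, the
        remainder can no longer be withdrawn in one call; when the cap reaches
        zero, nothing can be withdrawn at all.
        """
        if amount > self.balance[holder]:
            raise Revert("insufficient balance")
        if amount > self.cap:
            raise Revert("amount exceeds cap")
        self.balance[holder] = self.sub(self.balance[holder], amount)
        self.cap = self.sub(self.cap, amount)
        return amount

    def admin_add(self, holder: str, delta: int) -> int:
        """Admin-only balance adjustment (hypothetical). In unchecked mode a large
        delta wraps the stored balance around 2**256; in checked mode it reverts."""
        self.balance[holder] = self.add(self.balance[holder], delta)
        return self.balance[holder]


def stranded(ledger: RefundLedger, holder: str) -> int:
    """Part of a holder's balance that no single refund call can release under the cap."""
    return max(0, ledger.balance[holder] - ledger.cap)


if __name__ == "__main__":
    ledger = RefundLedger({"alice": 1000, "bob": 3}, cap=500)
    ledger.refund("alice", 400)  # allowed; the cap drops to 100
    print("refund of 600 reverts:", reverts(ledger.refund, "alice", 600))
    print("stranded for alice:", stranded(ledger, "alice"))
    legacy = RefundLedger({"carol": 5}, cap=10, checked=False)
    print("unchecked 5 + UINT256_MAX ->", legacy.admin_add("carol", UINT256_MAX))
    modern = RefundLedger({"carol": 5}, cap=10, checked=True)
    print("checked version reverts:", reverts(modern.admin_add, "carol", UINT256_MAX))
```

The `checked` flag is the whole difference between the two ledgers: the same `admin_add` that silently turns a balance of 5 into 4 under wrapping arithmetic simply fails under checked arithmetic, which is why compiling with Solidity 0.8 or later (or wrapping arithmetic in SafeMath on older compilers) removes this class of defect. The cap check, by contrast, is a logic error that no compiler catches; it has to be found in review or testing before deployment, because after deployment the immutability of the contract keeps it in place.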

The recovery was not unilateral. The administrative function could only be executed with the signature of the HongCoin multi-signature wallet (a wallet that requires simultaneous approval from multiple parties to move funds), which the project team used to manage the contract.

0xflorent contacted the team by email, validated the process on a test fork of Ethereum (a copy of the network state used to simulate transactions without real consequences, which makes it possible to verify that everything works before executing it), and it was the team itself that signed the 41 unlocking transactions, one for each blocked holder. Seven other investors, with sufficiently small balances, were able to withdraw directly without needing the process.

The contract is still active and funded

The Etherscan block explorer data shared by 0xflorent show that the HongCoin contract, created 9 years and 276 days ago, still holds about 882 ETH (equivalent to USD 1.75 million).

Data from a smart contract on the Ethereum network. The contract from which 0xflorent recovered the funds still holds more than 800 ether. Source: Etherscan.

At the time of writing, and as detailed by 0xflorent on X, two holders had withdrawn a total of 96.5 ETH, close to USD 193,000. The remaining 46 have not yet done so. In that sense, the 882 ETH that remain in the contract indicate that most investors have not yet claimed: the unlocking opened the possibility of recovering the funds, but does not guarantee that everyone will do so.

0xflorent described the operation as the “first hat exploit on Ethereum.” It is also the second recovery of this type that he has announced in eight days: on May 24, he reported having returned 19,329 ETH to their original owners, from a failed 2018 ICO and from accounts of Liquality Wallet, a wallet that stopped operating in 2024, leaving funds inaccessible.

The case illustrates a tension inherent to smart contracts: their immutability, the property that prevents them from being modified once deployed, is also the reason a bug can lock funds indefinitely. Whether such funds can be recovered depends, in most cases, on whether someone with the necessary skills decides to look for a way out and whether the original team still exists to sign it.
