K9 Finance DAO has deployed a new smart contract to the Ethereum blockchain containing 20 ETH. This action makes good on a public promise from developer Kaal Dhairya to extend one final, larger bounty offer to the entity behind the Shibarium Bridge exploit for the return of more than $700,000 in frozen KNINE tokens.
In Brief
The deployment of this new contract follows a previous, unsuccessful attempt at recovery. The K9 Finance DAO had initially offered a 5 ETH bounty, which the exploiter rejected with a public on-chain message demanding 50 ETH. The K9 Finance DAO did not accept the counter-offer, stating the stolen KNINE tokens were permanently blacklisted and unusable.
Following the expiration of that offer, Dhairya addressed the situation in a blog post on October 14. “We have no ego when it comes to protecting our users — only responsibility is to make them whole,” he wrote. “To demonstrate that, we’ll extend one final bounty offer.”
The commitment was carried through. The updated contract is live with 20 ETH in funding, 15 ETH more than the first bounty.
The recovery effort is governed by the smart contract at address 0x5EA23706708F727F1AF45718c4903DdA2526D4d0. Its purpose is to facilitate a trustless exchange without direct communication.
The process required of the exploiter is purely technical.
First, the exploiter must execute an approve function on the KNINE token contract. This action grants the new bounty contract permission to transfer the full amount of the frozen tokens.
Once this on-chain approval is confirmed, the Shiba Inu team can then execute a final function on the bounty contract. This function is designed to perform two actions simultaneously: it withdraws the KNINE tokens from the exploiter’s wallet and releases the ETH reward to it in a single, atomic transaction.
This bounty specifically addresses the recovery of community-owned KNINE tokens. For other users affected by the Shibarium bridge exploit, the Shiba Inu team has outlined a separate course of action.
In the same October 14 blog post, Dhairya mentioned a broader plan. “In parallel, we’re finalizing a fair and transparent repayment framework for affected users,” he wrote. “Details will be shared through official channels once it’s safe to do so.”
The contract at address 0x5EA… now exists on the Ethereum blockchain, its code and its 15 ETH (or 20 ETH) contents visible to all. The public on-chain record will soon show whether the exploiter accepts the terms before the decay period begins, providing a transparent conclusion to the recovery effort.
