A rare feel-good twist happened this week in crypto, where a user recovered their funds after losing 100 ETH due to a wallet bug.
The recovery was possible thanks to action by the Safe Wallet team and the foresight of white-hat developers at Protofire.
100 ETH Lost to Wallet Bug—Then Recovered in a Stunning Rescue
The incident unfolded when long-time Ethereum user khalo_0x on X (Twitter) attempted to bridge 100 ETH from the Ethereum Mainnet to the Base blockchain. He used the official Safe Wallet Bridge interface.
At current rates, with ETH trading for $2,635 as of this writing, this transfer was worth over $263,500.
Unbeknownst to him, a critical user-experience bug in the bridge tool let the transfer go to a smart contract wallet that appeared to be his.
However, this wallet was controlled by a different entity.
The issue’s root lay in Khalo’s use of an outdated version of Safe (v1.1.1), deployed in 2020. This legacy version predated multichain considerations and lacked protections that are now standard in newer versions.
As a result, an attacker, or so it initially seemed, had previously deployed a contract on Base at the same address as Khalo’s wallet, but with a different owner configuration. That contract effectively hijacked the funds as soon as they were bridged.
“I lost my life savings in one click using Safe last night. That’s after 8 years of holding ETH and avoiding scams. A UX bug within the official Bridge feature implied the destination address was my Safe on Base. It wasn’t,” Khalo lamented in a post.
The tweet drew attention from the crypto community, including the Safe team. Builder Tschubotz.eth investigated and discovered that the Base address controlling the bridged ETH was not malicious after all.
Outdated Wallet Version Opened Door to Cross-Chain Exploit
The Base address had instead been deployed by Protofire, a white-hat development firm that had proactively deployed hundreds of Safe v1.1.1 wallets on Base to prevent black-hat attackers from doing so.
“Unlike EOAs (Externally Owned Accounts), smart accounts like Safe are governed by deployed smart contract code. It’s technically possible to deploy a smart account with the same deployment config (same signers) on different chains at the same address (using counterfactual deployment)…But this case was different… The smart account version from back then (v1.1.1.) was not yet written with multichain in mind, so it was possible for anyone to deploy a smart account on a different chain with a completely different config at the same address,” Safe co-founder Lukas Schor explained.
Upon verifying Khalo’s identity, Protofire promptly returned the full 100 ETH. A successful full transfer followed a test transaction, resolving the crisis just hours after it began.
“This is one of the coolest crypto stories I’ve seen in a while,” said Haseeb Qureshi, Managing Partner at Dragonfly.
The incident highlights the urgent need for better user safeguards as crypto wallets advance in multichain ecosystems.
Safe’s updated version v1.2.0 now includes protections against this type of exploit by changing how the CREATE2 salt is calculated during contract deployment.
The bridge tool has also been upgraded to issue warnings if conflicting smart contract code exists at the destination address.
Still, the incident is a sobering reminder that users remain vulnerable to subtle, non-obvious bugs.
“…we are still at a point where users are expected to do test transactions before moving bigger funds,” Schor added.
Despite the initial trauma, Khalo’s story ended with his funds restored.
The post How a Crypto User Recovered 100 ETH Lost to a Wallet Bug appeared first on BeInCrypto.