When India’s largest crypto exchange, CoinDCX, discovered nearly ₹368 crore (approximately $44.2 million) missing from a secure internal treasury account, it responded with an unprecedented public call for help: a recovery bounty worth up to 25% of any recovered funds. With potential awards totalling around ₹91.6 crore ($11 million), the initiative marks the most ambitious effort by an Indian exchange to rally white‑hat hackers and the broader blockchain community in the fight to recover stolen digital assets.
Bounty Brings Community Into the Fray
CoinDCX now invites cybersecurity researchers, ethical hackers, blockchain sleuths, and even retail investors to share any leads, transaction traces, wallet identifiers, and IP logs that can help trace and retrieve the misappropriated crypto. A structured application process funnels tipsters into a dedicated internal team. Collaborators may receive rewards up to ₹91.6 crore ($11 million) if their intel leads to successful recovery or prosecution.
Although the breach affected only a segregated operational account, not user wallets, CoinDCX underscored that customer funds remain unaffected and fully insured. Transparency has become a cornerstone of its public response strategy, even as it tightens internal security protocols.
Where the Crypto Went and Where It Might Be?
Blockchain forensics has tracked most of the stolen assets to two public wallets: one holding 155,830 SOL (around ₹229.9 crore), and another containing 4,443 ETH (approximately ₹130.8 crore). CoinDCX works closely with international cybersecurity firms such as Sygnia, zeroShadow, and Seal911, with support from Solana Foundation and bridge platforms like Wormhole and deBridge.
A New Model for Crypto Security?
The bounty marks a bold shift for India’s crypto ecosystem, pushing firms to outsource threat detection and recovery to the community—if only temporarily. It echoes past efforts in the global market, but no Indian exchange has offered this reward scale before.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
CoinDCX’s co‑founder, Sumit Gupta, said, “Cybercrime is an attack on trust. When one is targeted, all are affected…We will emerge stronger, together,” he posted.
Industry watchers say the initiative could herald a trend toward collaborative defence in Web3, a signal that security, not speculation, is becoming crypto’s central currency.