Avalanche-based DeFi platform Platypus DeFi has proposed a recovery plan to compensate users impacted by last week’s exploit.

In a Feb. 23 update, Platypus DeFi said it was working with security experts to identify the hacker and recover the $9.1 million worth of stolen funds lost on Feb. 16. The same hacker carried out three separate attacks and made off with large amounts of USDC, USDT, DAI and BUSD. 

After the exploit, the hacker converted the stolen assets into 14,316 AVAX and bridged it to ETH. The hacker attempted to make a USDT withdrawal through a KYC-compliant Binance account, which led to the confirmation of his identity, said the Platypus team. A case has now been filed against the person in question in France.

During the first attack, the hacker did not include a mechanism to withdraw the stolen assets from the contract. As a result, Platypus was able to recover 2.4 million USDC trapped in the contract, collaborating with blockchain security firm BlockSec.

Platypus also reached out to USDT issuer Tether, which has since frozen the stolen stablecoins, and submitted a governance proposal to DeFi lending platform Aave to recover $380,000 worth of assets. 

Platypus plans to use the 53.1% of funds still in the main pool of assets to refund liquidity providers and is in talks with stablecoin issuers to recreate the assets trapped in the contract. For now, it does not plan to use the $1.4 million in its treasury in its compensation efforts, citing “potential legal conflicts” that may arise.

If conversations with stablecoin issuers do not go as planned, then Platypus will distribute the entirety of its treasury to affected liquidity providers. 

“This compensation plan ensures that a minimum of 63% of the funds will be distributed to users, regardless of any further update on fund recovery,” said the Platypus team. 

“In addition, if our proposal submitted to Aave is approved and Tether confirms reminting the frozen USDT, we will be able to recover approximately 78% of user’s funds,” they added.