An Ethereum developer assisted in recovering funds that had been frozen since HongCoin’s 2016 token sale. On-chain records show that over 1,000 ETH—approximately $2 million at current prices—have been unlocked, benefiting 48 original investors.
The refund function is disabled due to a contract defect.
These funds were originally meant to be refunded to participants after HongCoin failed to reach its funding goal, but an error in the contract’s refund logic prevented proper identification of investors, causing the refund function to remain inactive for nearly nine years, locking the funds in the old contract.
Developer 0xFlorent_ stated that he found a way to enable the early contract to recognize blocked wallet addresses, thereby restoring refund permissions. Subsequently, the HongCoin team completed 41 unlock transactions based on this fix.
This unlock involves 1,003.62 ETH.
According to developer disclosures and on-chain browser records, the amount of funds recovered is:
- 1,003.62 ETH
- Approximately $2 million
- Covering 48 original investors
The developers also provided the relevant contract addresses and on-chain records of the wallet unlock as public proof of this fund recovery.
Historical contracts may still contain fixable issues.
Token sales were a common fundraising method among early Ethereum projects. Users sent ETH to a smart contract in exchange for tokens associated with the project. However, these early contracts were poorly designed, and if any logic errors occurred, funds could remain inaccessible for extended periods.
The security researcher stated that such cases are relatively rare and cannot be used to infer that a large volume of historically frozen assets can typically be recovered. This recovery was possible only because the contract happened to contain a security vulnerability that could be exploited, and the project team was still reachable and willing to cooperate.
A rare case in the context of DeFi attacks
Zhou Yajin, Associate Professor at The Chinese University of Hong Kong and co-founder of the on-chain security company BlockSec, stated that funds in many old contracts are often inaccessible due to lost private keys or irreversible contract logic, and these situations typically have no viable recovery path.
However, this incident also highlights that some on-chain assets considered permanently lost may still have avenues for recovery. The report notes that losses in the DeFi space exceeded $840 million in the first five months of 2026, with over $600 million stolen in April alone. Unlike common attacks, this case is a rare example where white-hat actors assisted in restoring withdrawal access.