[hectorr]

The question isn't who gets their money back, the question is who has to pay and/or take on the risk. In 2008, the banks were largely bailed out by taxpayers. In this case the hacker 'paid' because what they held was no longer recognized as ETH.

Even then, the hacker didn't lose anything. He might have a legal argument that he has been unjustly deprived of his wealth, but the legal system isn't generally available to criminals. Also, there's an alternative timeline where ETH fails because of this breach of trust, ETC takes off, and the hacker gets rich. But since the value creating developers supported to forked chain, that's where the value went.

[celticninja]

I am not 100% certain that the hacker did anything illegal. As I understand it he exploited a loophole in the contract, that has been going on since contracts have existed and is not illegal in itself.

[throwawayjava]

For me, this is the most interesting question. I suspect this was illegal, though. CFAA is pretty broad for exactly this reason -- the effect and intent, not the vector -- is what matters.

[koolba]

Why would the CFAA[1] apply? I don't think US law is the governing law for everything that happens on the Internet (though they'd probably love that...).

[1]: https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act

[throwawayjava]

You mean jurisdictionally? E.g. if the hacker was located in the US, or in one of the many, many countries with an extradition agreement since some of those distributed computations almost certainly occurred in the us. Or in one of the many, many countries whose hacking laws are explicitly modeled on cfaa...

[Atheros]

Indeed.

"I have put one million dollars in this safe. The combination is one of the factors of this very large number."

Man factors number, opens safe, and takes one million dollars

"Woah hold on there, I didn't think anyone could do that! The money is still mine! Give it back!"

No.

[hectorr1]

It's a pretty grey area. I'm not sure they did either, but my guess is that they want to find out for sure by approaching the court system. Would definitely be an interesting conversation with their lawyer.