The users who suffer from their own inattention should point out the oversight and the developers of Bitcoin Cash, who did not come up with protection against such errors. However, the developers already promise to switch to a new address format for BCH, which will exclude the possibility of repeating such confusion.If the message on Reddit sent by the person who made it, right, unknown hacker was not guided by altruistic reasons and is ready to agree with the real owners of the money, but not for free. This may seem unlikely, but it is worth noting that mining pool BTC.com previously did just that for 100 BCH that had befallen the same fate. The poster, going under the name bchsegwitrecover, writes:
"Enter your quote here...I have taken all of these coins to help those that have mistakenly sent BCH to segwit addresses. If you mistakenly sent BCH to a segwit address, send me a PM or send an email to bchsegwitrecover@mail2tor.com. Be sure to include the segwit address you are trying to recover coins from."
by Author
There's a condition attached however – claimants will need to pay a bounty of 30%. As the poster explains, "Recovery requests will be processed manually and the transactions will be done daily. However I am only human and this may take a long time to do."
Whoever scooped up the BCH floundering in segwit addresses has certainly done a comprehensive job: in addition to recovering one transaction of 33 BCH worth $41,000, they went to the trouble of hoovering-up all the shrapnel, including numerous transactions worth mere cents.
Recovering bitcoin cash sent to a segwit bitcoin address isn't easy, but it's doable. With enough of an incentive – say $600,000 – someone was bound to step up and give it a go. Pulling off the feat calls for a two-part process, the first of which involves obtaining the scriptSig from the BTC addresses the BCH was sent to.
Get the scriptSig and you can spend the output from the P2SH-P2WPKH segwit address. Apply a particular hash, add in a network byte and checksum, convert the figure into Base58 format and – boom – you've got your scriptSig. Whoever recovered the $600k of BCH likely ran a script to automate the process for all 399 segwit addresses that were holding bitcoin cash. Those funds, all 493.5 BCH of them, now reside in this address.
The second stage of the process would have been to mine these transactions but without broadcasting them to the rest of the network. It is safe to assume that the person who obtained the scriptSig data also mined the transactions, either via a BCH solo rig, or potentially through one of the more shadowy BCH pools whose identity is unknown.