Another Bridge Attack: Axie Infinity Network's $551.8M Hack
One of crypto's largest attacks ever - Ronin Network lost almost $600 million
The Ronin Network team confirmed its bridge was exploited for 173,600 ETH and 25.5 million USDC. Ronin Network, the side chain used in the popular play-to-earn game Axie Infinity (AXS), suffered a major exploit on 23rd March 2022. The Ronin Bridge and Katana Exchange have been halted following the incident.
This will be the second major bridge attack in 2022. We covered the Wormhole bridge attack which saw a loss of $300 million in February, 2022.
The Ronin team confirmed the incident via a blog post on Tuesday, stating that its validator nodes and Axie DAO validator nodes were compromised on the 23rd of March 2022, leading to losses of 173,600 ETH and 25.5 million USDC. Looking at market prices on said day placed the value of the attack to around $551.8 million (Ethereum has climbed from $3,032 to $3,400 since the hack. At today’s prices, the loot is worth over $615 million).
Ronin Bridge team revealed that the hacker used compromised private keys so that they could forge withdrawals. Alarmingly, the attack was only discovered six days after the attack, when someone reported that they had struggled to withdraw 5,000 ETH from the bridge.
The Ronin chain uses only nine validator nodes (Ethereum has around 300,000 validators, while Solana has closer to 1,000). To confirm a deposit or withdrawal, it requires five validator signatures. The hacker successfully drained the funds because they took control of four Ronin validators and another validator run by Axie DAO. Ronin said that although the validator key scheme it uses “is set up to be decentralized,” the attacker found a back door through a gas-free node that was set up amid increasing user demand.
The Ronin team also stated that it had increased the minimum number of validator signatures required for a deposit or withdrawal to eight in response to the incident. It is also migrating its nodes and temporarily paused the Ronin Bridge and Katana exchange.
According to the blog post, this wallet containing 175,913 ETH holds the majority of the stolen funds. Ahead of the exploit, this same wallet interacted with Binance, and other wallets connected to the hacker have since made deposits to FTX and Crypto.com. That suggests that there may be a way of tracing the hacker. The Ronin team said that it was “working directly with various government agencies” and Chainalysis to track the hacker and the stolen funds.
Ronin Network is an Ethereum side chain launched by Sky Mavis, the blockchain game developer behind the NFT-based play-to-earn hit Axie Infinity. Sky Mavis experienced huge growth last year as NFTs boomed and interest in Axie Infinity skyrocketed, hitting a valuation of almost $3 billion in October, 2022. Axie Infinity players use Ronin to trade in-game tokens. The Ronin team admitted that while the network “was not immune to exploitation,” it was working to ensure that no users’ funds are lost.
AXS, RON, and SLP all fell on the news. Unsurprisingly, RON was hit hardest. It is down 20.9 as at the time of writing.
Where are the funds now?
Most of the hacked funds are still in the hacker’s wallet: https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96
Are funds on Ronin are at risk?
ETH and USDC deposits on Ronin have been drained from the bridge contract. According to the Ronin team, all of the AXS, RON, and SLP on Ronin are safe right now.
What does this mean for users who have funds on Ronin Network?
Presently, users are unable to withdraw or deposit funds to Ronin Network. Sky Mavis said they are committed to ensuring that all of the drained funds are recovered or reimbursed.
ICYMI
Compound Rallies on Plans to Cut Rewards. Link
Do Stacking BTC, Terra Keeps Soaring. Link
Polygon’s New ZK-Proof-Based Identity Solution - Polygon ID. Link
Michael Saylor Borrows Against BTC to Buy More BTC. Link
 | A guest post by
|