yesterday evening, Axie Infinity issued a community announcement, saying that the public chain bridge Ronin bridge it used was hacked last week. Attackers stole around $625 million, making it the largest crypto hack to date.
Axie Infinity development team Sky Mavis manages the Ronin bridge, which allows users to send cryptocurrencies back and forth between Ethereum and Axie’s Ronin sidechain.
The Ronin sidechain is secured by nine validating nodes. On March 23, attackers compromised five of these nodes. The attacker then used the node’s signature to withdraw 173.6kETH and 25.5MUSDC from the Ronin bridge, which is about $625 million at current prices. On March 29, a user was unable to withdraw 5kETH via the Ronin bridge, which alerted the Sky Mavis team to the depletion of funds in the bridge. The hacker attack was discovered. Sky Mavis subsequently suspended Bridge and KatanaDex, migrated its node infrastructure, and worked with law enforcement, large cryptocurrency exchanges, and Chainalysis to track losses, and the vast majority of stolen funds are still held in Ronin addresses. All AXS, RON and SLP on Ronin are currently safe.
The Ronin bridge attack was not the result of a smart contract exploit. is a compromise caused by multi-signature, a “classic” cracking of the private key in a multi-key security setup. Of the nine validating nodes that maintain the bridge, Ronin needs five nodes to be honest at all times in order to stay safe. Five of the nine validator signatures are also required in order to identify a deposit event or a withdrawal event. The attackers compromised five nodes, including four Ronin validators from Sky Mavis and a third-party validator run by Axie DAO. Withdrawals become illegal “honesty”.
The validator key scheme is set up to be decentralized, so it limits attack vectors similar to this one, but the attacker discovered a backdoor via a gasless RPC node and used that backdoor to obtain the signature of the AxieDAO validator.
Currently, Sky Mavis has raised the validator threshold for Ronin from 5 to 8, and will also consider further decentralization and increasing the total number of validators.
Adam, a partner at Cinneamhain Ventures, speculates that Sky Mavis may eventually sell a stake to cover losses from the attack.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/ronin-bridge-hacked-stealing-approximately-625-million/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.