Ways that $2 Billion Got Hacked in Cross-Chain Bridges π
This year has been too hard for many crypto projects and stablecoins as the majority of them have stress-tested the attempts of hacks, FUD, de-pegged stablecoins, and more. Among all these treats, Cross-chain hacks are the most severe attack that accounted for 45% of all funds being stolen!
I'm pretty sure you may count at least 3 hack cases that will come to your mind while reading. Actually, these cross-chain hack cases were conducted in different ways by hackers. Let's talk about some details of them.
The Chart Speaks Itself
When it is used to find quality information, CryptoTwitter can be a good source to find insight about what you are looking for.
This chart was shared by Zellic_io to prove the severity of Bridge hacks in crypto.
There is something interesting in this data. When you check the hack cases of CEXs, which was a nightmare in 2017-2018, today's issues are more complex and advanced blockchain operations like multi-bridge actions, nfts and De-Fi. It's something quite positive IMHO π
Types of Cross-Chain Hacks
It is natural to have bugs in the codes of projects but if it is the case for De-Fi, you may lose all your funds because of a little leak. As the blockchain products vary and grow, so do hackers π The way they steal the funds also differ from case to case:
In its simplest form, Cross-chain actions happen in this way:
When you transfer a token with cross-chain bridges, you are sending funds as tokens to the bridge protocol, which locks those funds into the contract on one chain. Then, the user is given funds in the form of wrapped tokens on the desired chain. - Outlookindia
Knowing the little complexity of operations between 2 different chains, hacker's initial attempt is always Fake Transactions:
When a fake transaction to the protocol is validated, the receiver address is automatically sent the wrapped version of the token. For example, the protocol is validated the deposit of 10 ETH. The receiver is sent 10 WETH and the hackers keep repeating the same type of transactions until the protocol drains!
We talked about the cases on LeoFinance: Nomad Exploit
In these examples, codes the most important aspects rather than the security provided by Validator Consensus. Do you know the second way that made Ronin Bridge lose more than half billion? Validator Takeover
It may sound like Justin Sun's cup of tea but it is actually done by hackers. The hackers were able to control the validators' accounts and 5 out of 9 validators took the power of the bridge by eliminating the rest!
We mentioned the hack case on LeoFinance: Ronin Hack
No Concern about Leo Bridge, though
As of writing, I do not think Fake transactions or Validator Takeover are possible risks on LeoBridges because the transactions are simple and nearly instant on Hive + Leo bridge is controlled by the LeoFinance team.
Note: You can easily check the funds of accounts like b-hive / p-hive etc.
The only possible risk that I see is that upcoming HF-26 will have a reversible transaction window which may mix the process that we are used to. LeoBridges may only need to be cautious about the upcoming hardfork that may have an indirect impact on its operations.
Other than that, Hive is one of the most effective chains to go cross-chain. Do not forget, Hive is a GameFi Chain for CMC and FootPrint's report. Hive - X chain bridges will be the new trend in 2-3 years IMHO βπΌ
Posted Using LeoFinance Beta
https://twitter.com/idiosyncratic1_/status/1573592133969272834
The rewards earned on this comment will go directly to the people( @idiosyncratic1 ) sharing the post on Twitter as long as they are registered with @poshtoken. Sign up at https://hiveposh.com.
We don't often come across posts that touch on crypto's technical issues. This was an instructive post.
Posted Using LeoFinance Beta
Thank you for your kind words, glad to hear πΏ