

Bridge Hacks Have Caused ~$1 Billion in Losses. Here’s Why Bridge Security Is Tricky - Ep.336
Apr 1, 2022
This episode features Arjun Bhuptani, founder of Connext and a bridging technology expert. He delves into the infamous Ronin bridge hack, which saw over $600 million stolen, highlighting the role of social engineering and multisig vulnerabilities. Arjun discusses the sophistication of the hacker, potential reimbursement for victims, and various attack vectors that threaten cross-chain bridges. He outlines the need for innovative bridge designs to bolster security in decentralized finance, making a compelling case for future enhancements in the crypto landscape.
AI Snips
Ronin Network Hack
- The Ronin Network, an Ethereum sidechain for Axie Infinity, suffered a $625 million hack.
- The hackers stole 176,300 Ether and 25.5 million USDC.
Validator Compromise
- Ronin bridge validators were compromised due to a combination of factors, including a gas-free RPC.
- This allowed the attacker to spoof signatures and drain funds.
Social Engineering vs. DeFi Hacks
- The primary attack vector in the Ronin hack was social engineering, which exploits human vulnerabilities, rather than a typical DeFi code exploit.
- Hackers target individuals controlling keys, highlighting the risk of human involvement.