Blockchain Bridge Blasted For $326 Million

01 March 12:26

【TR; DR】

In one of the most shocking hacking incidents reported in recent years, the popular cryptocurrency platform, Wormhole, identified a significant exploit occurring within the bridge between the Ethereum and Solana blockchains. Officially confirming the hacking via Twitter, Wormhole reported that the bridge was currently offline whilst their team investigated the ‘potential’ exploit as on-chain analysts brought attention to an 80,000 ETH transaction made from Wormhole to an address in possession of over $250 million in Ethereum, with a further 40,000 ETH stored by the attacker within Solana’s ecosystem for the purpose of buying and selling other assets.

Raising the alarm across several DeFi communities, this recent exploit means that any Ethereum bridged to Solana may be unbacked, thus potentially jeopardising the investor’s funds and the entire Ethereum ecosystem. In an interview with CoinDesk, George Harrap, founder of the Solana based DeFi platform Step Finance, anticipates that if Jump Capital are unable to step in to backstop the stolen ETH then numerous Solana-based platforms that accept ETH as collateral may now become ‘partially insolvent’. Adding to this growing dilemma, Harrap also acknowledged the very pressing possibility that if no one backs the hacked Ethereum then the coins will be ‘truly gone’ and ETH will ultimately be ‘worth zero’, thus impacting everyone with a balance of it, as well as DeFi protocols and users.

Fill in the form to receive 5 reward points→

What Happened？

On February 2nd, the Wormhole network was exploited for 120,000 wrapped Ethereum tokens, which was estimated to be worth around $326 million at the time of the incident. The bridge between Ethereum was taken advantage of, thus allowing an immensely damaging exploit of users' funds to occur.

A bridge between two networks is built from a carefully constructed infrastructure of smart contracts that facilitate interoperability and transactions between different blockchains, therefore enabling users of the bridge to transact funds between two different blockchains after connecting their wallet with a web application to assist in initiating transactions. Following the confirmation of a transaction on the origin blockchain, the crypto asset is released on the destination blockchain and transferred to the user wallet, which in the instance of the Wormhole network, would mean a user could send ETH and receive SOL in exchange.

As the exploit was well underway, Wormhole temporarily closed it’s website, branding the website closure as ‘maintenance’ as their team actively investigated a potential ‘exploit’, which were later consolidated by a range of crypto analysts reporting two vastly suspicious transactions. The blockchain data showed that the exploiter had found a way to exploit the network and had minted 120,000 wrapped Ethereum tokens, as well as bridging 10,000 ETH to the Ethereum blockchain. As twenty two minutes passed, the exploiter made another attack, seizing 80,000 ETH in a huge transaction on the Ethereum blockchain, suggesting that the exploiter allocated some of the Ethereum tokens stolen to different Ethereum wallets.

From the perspective of Wormhole, the newly minted wrapped Ethereum appeared as general wrapped Ethereum tokens, which led them to release ETH to an Ethereum wallet founded on those infamous wrapped Ethereum, which essentially enabled the exploiter to divulge in the reserves of Wormhole itself.

How Are Wormhole Addressing The Issue？

Confirming the hacking officially, Wormhole tweeted to thousands of terrified investors and stakeholders confirming the exploit and emphasising that the ‘vulnerability has been patched’, however, the bridge remained down for an extended period of time. This continued closure of the bridge between the Solana and Ethereum networks may be as a result of the wrapped Ethereum essentially being unbacked, which could render the Ethereum on the Wormhole network as valueless without further intervention.

In a plea for more clarity on why the incident occured and to attempt retrieval of the Ethereum Wormhole initiated a transaction to the exploiter with a note, offering to exchange $10 million in exchange for the assets in all their entirety in a ‘bug bounty’.

Yet in the likely event that the exploiter chooses to flee with the $326 million recently garnered, immediate intervention is required to prevent further ramifications on the Ethereum and Solana blockchains respectively. Solana lending markets and similar protocols may be flung into a state of jeopardy if the ETH issued by Wormhole cannot be bridged back to the Ethereum main chain - thus rendering them valueless.

However, founder of Solana DeFi platform, Step Finance, George Harrap revealed that he anticipates that Jump Capital, who purchased the Wormhole developer Certus One in summer of 2021, may intervene in an attempt to backstop the hacked ETH. Yet, if intervention fails to rectify the immense ramifications of this exploit, bridges such as Wormhole may be on borrowed time.

In response to the incident, Vitalik Buterin tweeted about his hopes for the future being built upon a ‘multi-chain’ ecosystem, not a ‘cross chain’, due to the inherent fundamental limits to the security of bridges that hope ‘across multiple zones of sovereignty’. Screenshotting his own Reddit post, Buterin references the increased safety of holding ‘Ethereum-native assets on Ethereum or Solana-native assets on Solana than it is to hold Ethereum-native assets on Solana or Solana-native assets on Ethereum’ as a result of the growing prominence of cross-chain bridge exploits and the way in which they can reduce the backing of different smart contracts and expose their vulnerability.

Cross-chain bridging technology has long come under fire for its security limitations, particularly as the ability to exploit has been exemplified through recent incidents, which may in turn increase the volume of developers and analysts turning towards a prospective future built from multiple strongly secured and independent chains.

Author：Matthew W-D, Gate.io Researcher
*This article represents only the views of the researcher and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.