A cross-chain bridge has been attacked again.
This morning, the BNB Chain cross-chain bridge BSC Token Hub was attacked. Hackers exploited a vulnerability in the bridge to obtain a total of 2 million BNB in two parts, with a total value of 566 million US dollars. Odaily has already sorted out the specific process of this incident in detail in the article "Analysis: About 566 million US dollars in the whole process of BNB being stolen".
As mentioned in a report, the amount of losses related to cross-chain bridges has reached as high as 2 billion US dollars, most of which occurred during 2022, accounting for 69% of the total industry data this year.
1. Ronin Network
In late March of this year, the cross-chain bridge of Axie Infinity side chain Ronin Network was attacked, and the total loss was as high as 624 million US dollars.
According to subsequent disclosures by all parties, the attack on Ronin was a social engineering attack. First, employees of a fake company contacted employees of Axie Infinity and Ronin developer Sky Mavis via LinkedIn and invited them to work. Then an employee of Sky Mavis received a fake offer after an interview; after he downloaded the fake offer file, the hacker's software infiltrated the Ronin system and took over 4 of the 9 validator nodes. Next, the hacker took control of Axie DAO through Sky Mavis, because Axie DAO had allowed Sky Mavis to sign various transactions on its behalf. In the end, the hacker controlled the majority (5/9) of the validator nodes, and with them the entire network.
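The concentration problem described above can be audited mechanically. The following is an added example, not code from the original article or from Sky Mavis: it takes a validator set and its signing delegations and reports every entity whose compromise alone reaches the signing threshold. The validator ids, the placeholder operator names, and the assumption that the four compromised nodes were operated by Sky Mavis are constructed for illustration.

```python
# Constructed model of the validator set described above: 9 keys, 5 signatures
# needed. Operator names other than Sky Mavis and Axie DAO are placeholders.
OWNERS = {
    "v1": "Sky Mavis", "v2": "Sky Mavis", "v3": "Sky Mavis", "v4": "Sky Mavis",
    "v5": "Axie DAO",
    "v6": "operator-A", "v7": "operator-B", "v8": "operator-C", "v9": "operator-D",
}
# (grantor, grantee): the grantor lets the grantee sign on its behalf.
DELEGATIONS = [("Axie DAO", "Sky Mavis")]
THRESHOLD = 5


def reachable_keys(owners, delegations):
    """For each entity, the validator keys it can cause to sign, directly or
    through (possibly chained) signing delegations."""
    entities = set(owners.values()) | {e for pair in delegations for e in pair}
    control = {}
    for entity in entities:
        trusted_by, frontier = {entity}, [entity]
        while frontier:  # walk delegations backwards from the grantee
            current = frontier.pop()
            for grantor, grantee in delegations:
                if grantee == current and grantor not in trusted_by:
                    trusted_by.add(grantor)
                    frontier.append(grantor)
        control[entity] = sorted(v for v, o in owners.items() if o in trusted_by)
    return control


def single_points_of_compromise(owners, delegations, threshold):
    """Entities whose compromise alone yields at least `threshold` signatures."""
    return {entity: keys
            for entity, keys in reachable_keys(owners, delegations).items()
            if len(keys) >= threshold}


if __name__ == "__main__":
    # With the delegation in place one entity reaches 5 of 9.
    print(single_points_of_compromise(OWNERS, DELEGATIONS, THRESHOLD))
    # With the delegation revoked no single entity reaches the threshold.
    print(single_points_of_compromise(OWNERS, [], THRESHOLD))
```

Running the same audit whenever a delegation or allowlist entry is added catches the case where a temporary signing permission is never revoked.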
2. Poly Network
Last August, Poly Network, a cross-chain interoperability project, was suddenly hacked and lost as much as $610 million.
According to the analysis of several security companies, the cause of this incident is that the keeper of the EthCrossChainData contract can be modified by the EthCrossChainManager contract, and the verifyHeaderAndExecuteTx function of the EthCrossChainManager contract can execute user-supplied input data through the _executeCrossChainTx function.
3. BSC Token Hub
This is the current incident; see above.
4. Wormhole
In February of this year, Wormhole, the most important cross-chain bridge project in the Solana ecosystem, was attacked and lost about 120,000 ETH, worth about $326 million.
In detail, the attacker first minted 0.1 Wormhole ETH on Solana, obtained the "post_vaa" function in the "transfer message" contract, and then bypassed the signature check contract by loading an external contract, generating the parameter required by the Wormhole function "complete_wrapped" and thus achieving unlimited minting. The root cause of all this is that Wormhole used an outdated system contract that lacked the latest upgrade of the contract required by the parameters.
5. Nomad
At the beginning of August this year, the cross-chain communication protocol Nomad was attacked, and about 190 million US dollars of liquidity in the bridge was quickly drained.
Unlike other hacking incidents, Nomad can be said to have been picked clean by a crowd of "hackers". According to the analysis of the well-known security researcher samczsun, the incident happened because Nomad initialized the trusted root to 0x00 in a contract upgrade, so that anyone could take a valid transaction, replace the other party's address with their own, and withdraw funds from the cross-chain bridge after broadcasting the transaction. Post-event statistics show that a total of 1,251 ETH addresses were involved in this attack.
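Why a trusted root of 0x00 accepts everything is easiest to see in a small model. The following is an added example, not Nomad's contract code or code from the original article: a simplified Python stand-in for a bridge's receiving contract, in which a message that was never proven reads back the default zero value, shown with and without a guard that rejects the zero root. The class and function names and the sample messages are constructed for illustration.

```python
import hashlib

ZERO_ROOT = bytes(32)  # what a contract mapping returns for a key never written


def h(*parts):
    return hashlib.sha256(b"".join(parts)).digest()


def merkle_root(leaf, proof):
    """Fold a leaf with (sibling, sibling_is_left) pairs up to a root."""
    node = leaf
    for sibling, sibling_is_left in proof:
        node = h(sibling, node) if sibling_is_left else h(node, sibling)
    return node


class Inbox:
    """Simplified model of a bridge's receiving contract (hypothetical names)."""

    def __init__(self, trusted_roots, reject_zero_root=False):
        self.trusted = set(trusted_roots)
        self.reject_zero_root = reject_zero_root
        self.proven = {}        # message hash -> root it was proven under
        self.processed = set()

    def prove(self, message, proof):
        self.proven[h(message)] = merkle_root(h(message), proof)

    def process(self, message):
        leaf = h(message)
        root = self.proven.get(leaf, ZERO_ROOT)  # unproven message reads as zero
        if self.reject_zero_root and root == ZERO_ROOT:
            return False                         # guard: zero is never a proof
        if root not in self.trusted or leaf in self.processed:
            return False
        self.processed.add(leaf)
        return True


def demo():
    # Constructed sample: a two-leaf tree holding one genuine transfer.
    genuine, other = b"to=0xAAAA;amount=100", b"to=0xCCCC;amount=5"
    real_root = h(h(genuine), h(other))
    altered = b"to=0xBBBB;amount=100"  # same transfer, recipient replaced
    inboxes = {
        "zero_root": Inbox({ZERO_ROOT, real_root}),
        "zero_root_guarded": Inbox({ZERO_ROOT, real_root}, reject_zero_root=True),
        "real_root": Inbox({real_root}),
    }
    results = {}
    for name, inbox in inboxes.items():
        inbox.prove(genuine, [(h(other), False)])
        results[name] = (inbox.process(genuine), inbox.process(altered))
    return results
```

Each result is the pair (genuine accepted, altered accepted): only the configuration that trusts the zero root without the guard accepts the altered, never-proven message.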
6. Harmony Horizon
In June of this year, Harmony’s official cross-chain bridge Horizon was attacked, causing a loss of approximately $100 million.
Afterwards, Harmony founder Stephen Tse admitted that the attack was caused by leaked private keys: funds were stolen from the Ethereum side of the cross-chain bridge, and the attacker successfully accessed and decrypted some of these keys, some of which were used to sign unauthorized transactions.
7. Qubit
In January of this year, QBridge, the cross-chain bridge of the lending protocol Qubit, was attacked, resulting in a loss of about $80 million.
The cause of the incident was that the contract did not check again for the zero address when transferring whitelisted tokens, so a deposit that should have gone through the native deposit function could instead pass smoothly through the ordinary token deposit logic.
After the incident, Qubit's development team, Team Mound, announced that it could no longer be sustained and therefore decided to disband; the Bunny and Qubit protocols developed by the team will be managed by a DAO. The community will have all relevant permissions to upgrade contracts, change fee structures, etc.
8. EvoDeFi Bridge
In June of this year, users in the Oasis ecosystem found that USDT and USDC on ValleySwap, a DEX on that chain, had seriously de-pegged. After further investigation, they found that the root cause was that EvoDeFi Bridge, the cross-chain bridge these assets relied on, was suspected of minting bridged assets out of thin air while under-collateralized. Specifically, EvoDeFi Bridge generated 83 million USDT and 33 million USDC on the Oasis chain, but only 10.6 million USDT and 10.2 million USDC were held as collateral.
According to statistics from the security database Rekt, the specific losses caused by the incident to users totaled approximately 66 million US dollars.
9. THORChain
From June to July last year, the cross-chain bridge project THORChain was hacked three times in a row, with a total loss of about 16 million US dollars.
Compensation is allocated from "treasury" assets, the second batch is repaid by borrowing assets from Iron Bank with RUNE as collateral, and the third batch will be compensated after the network resumes operation.
10. pNetwork
Last September, the cross-chain protocol pNetwork was hacked and 277 pBTC (worth more than $13 million at current prices) were lost.
In response to the incident, pNetwork stated that hackers exploited a loophole in its code base and extracted pBTC from the BSC blockchain, while contracts on other chains were not affected.
Summary
The security problems of cross-chain bridges have long been a "cliché" in the industry.
Why are cross-chain protocols so vulnerable to attacks? How should a cross-chain bridge balance efficiency and security? As the security situation becomes increasingly severe, what should different roles such as project teams and users pay attention to? If an extreme incident does occur, what are the effective means of compensation? Odaily previously interviewed well-known security companies such as PeckShield and BlockSec on this series of issues. Interested readers can take a look at that article.
