Blockchain bridging is a game changer in the decentralized finance (DeFi) ecosystem, enabling seamless interoperability between protocols.
Bridges allow users to move digital assets between networks, thus unveiling the power and the potential of DeFi.
However, with great power…
Bridges have become the easiest target for high-profile hacks in the crypto industry, with $2bn lost in 2022.
What can we learn from blockchain bridge hacks from the past, and what can developers do to reduce the risks?
Blockchain Bridging Hacks
The following are noteworthy bridge hacks that have resulted in significant losses.
Ronin Hack
The hack executed on the Ronin Bridge is not only the most significant bridge attack but also the largest crypto attack of all time. It was orchestrated against a bridge built by Sky Mavis, the developer of the play-to-own game Axie Infinity, to connect Axie Infinity’s EVM-based sidechain, Ronin Network, to Ethereum (ETH).
Through social engineering, the hackers compromised one of the company’s engineers and gained access to private keys. Posing as a recruiter, the hackers offered jobs to a selection of Axie Infinity’s developers, one of whom took the bait.
After a series of interviews, the developer — a senior engineer — was offered the job and received a PDF file listing the details of the compensation. Once the document, which was laced with spyware, was downloaded, the hackers gained access to four of the nine validators responsible for verifying transactions on the network.
Four validators still left them short of the 50% of validators needed to sign off on transactions, so they exploited a backdoor that had been left open when the Axie decentralized autonomous organization (DAO) gave Sky Mavis the right to sign on its behalf to cope with high user volume.
With this, the hackers were able to make off with over $600 million worth of crypto assets. Specifically, the exploit led to the loss of 173.6K ETH and 25.5M USDC tokens. The attack was linked to Lazarus Group, one of the North Korean government-sponsored hacking groups, which has allegedly stolen more than $2bn in crypto assets in recent years.
Binance Hack
Another major bridge hack was the Binance bridge hack, which resulted in the loss of over $570 million in crypto assets. The Binance bridge connects Binance’s BNB Chain and BNB Smart Chain and enables the transfer of assets to Ethereum and back.
According to Immunefi, a Web3 and crypto bug bounty and security services platform, the hackers exploited a bug in the Binance bridge’s proof of transaction. The hacker managed to produce a message that appeared to prove a transaction’s validity, tricking the contract’s logic into treating the message as valid even though the hacker had no claim to the funds.
This resulted in the Token Hub paying out the transaction, draining two million BNB tokens worth around $570 million at the time of the attack. The hackers were able to move $137 million to other chains; the remaining funds were frozen on the chain.
The hackers used the stolen BNB as collateral to borrow various stablecoins. Most of the money was laundered through Venus and Geist, with the rest going through Uniswap, PancakeSwap, Curve Finance, and Platypus Finance.
Wormhole Hack
2022 saw yet another blockchain bridge hack, this time of Wormhole, which connects Solana to other significant blockchains such as Ethereum. The attack exploited an outdated function in the code to get around signature verification.
Based on open-source code commits, the code meant to address this vulnerability was produced as early as January and published to the Wormhole GitHub repository on the day of the attack in February.
The hacker discovered the vulnerability only hours later, possibly after seeing the commits made to the code, which indicated that the production application had not yet received the fixes. This enabled them to forge a valid signature for a transaction that allowed them to freely mint 120,000 wrapped ETH (wETH).
Nomad Hack
Unlike other bridges that have native blockchains and validators, Nomad is a general-purpose bridge that allows users to transfer assets and data across various blockchains, such as Ethereum and Moonbeam.
This cross-chain bridge is more cost-efficient than others since it uses on-chain smart contracts to collect and distribute bridged funds and off-chain agents to relay and verify messages between different blockchains, reducing the overhead.
The hack involved a total of 960 transactions with 1,175 individual withdrawals from the bridge. The exploit was made possible by a misconfiguration of the project’s main smart contract that allowed anyone with a basic understanding of the code to authorize withdrawals for themselves.
According to Nomad, an implementation bug caused the Replica contract to fail to authenticate messages properly. This issue allowed any message to be forged as long as it had not already been processed.
As a result, contracts relying on the Replica to authenticate inbound messages suffered security failures. Fraudulent messages were passed to the Nomad BridgeRouter contract, enabling withdrawals.
In total, the bridge was drained of $190 million worth of crypto in the form of USDC and wETH. Following this hack, Nomad offered a bounty under which attackers could keep 10% of the stolen funds and avoid legal consequences provided the remaining 90% was returned, along with a Whitehat non-fungible token (NFT) as a token of appreciation. However, only $36 million was ultimately recovered.
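How this class of authentication failure arises, and how a contract can fail closed against it, as an added example written for this article (a Go model, not Nomad’s Solidity contracts): the Replica below marks trusted Merkle roots with a non-zero value, so an unproven message, whose stored root is the all-zero default of an unset mapping slot, passes the check whenever the zero root itself has been marked trusted. That zero-root deployment is an assumption of the model, chosen to reproduce the "any message not yet processed" behaviour described above; the message and root values are constructed.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Constructed model of a Replica-style message-authentication contract (not
// Nomad's code). Trusted roots map to a non-zero marker; anything else maps to
// the zero value. The modelled failure is a deployment whose committed root is
// the all-zero root, so the default status of an unproven message is "trusted".

var (
	zeroRoot  = make([]byte, 32)            // value of an unset 32-byte mapping slot
	processed = append(make([]byte, 31), 1) // sentinel stored once a message is consumed
)

func hash(parts ...[]byte) []byte {
	h := sha256.New()
	for _, p := range parts {
		h.Write(p)
	}
	return h.Sum(nil)
}

// merkleRoot recomputes a root from a leaf, its sibling path and its leaf index.
func merkleRoot(leaf []byte, proof [][]byte, index int) []byte {
	node := leaf
	for _, sibling := range proof {
		if index&1 == 1 {
			node = hash(sibling, node)
		} else {
			node = hash(node, sibling)
		}
		index >>= 1
	}
	return node
}

type Replica struct {
	confirmed map[string]uint64 // root -> non-zero when trusted
	messages  map[string][]byte // message hash -> root it was proven against, or processed
	Payouts   [][]byte
}

func NewReplica(committedRoot []byte) *Replica {
	r := &Replica{confirmed: map[string]uint64{}, messages: map[string][]byte{}}
	r.confirmed[string(committedRoot)] = 1
	return r
}

func (r *Replica) acceptableRoot(root []byte) bool { return r.confirmed[string(root)] != 0 }

// Prove checks a Merkle inclusion proof and records the root the message was proven against.
func (r *Replica) Prove(msg []byte, proof [][]byte, index int) bool {
	digest := hash(msg)
	root := merkleRoot(digest, proof, index)
	if !r.acceptableRoot(root) {
		return false
	}
	r.messages[string(digest)] = root
	return true
}

// Process pays out a message whose recorded root is acceptable. A message that
// was never proven has no entry, which reads as all zeroes, so a replica that
// trusts the zero root pays out anything. Replays are still rejected because
// the processed sentinel is never a trusted root.
func (r *Replica) Process(msg []byte) bool {
	key := string(hash(msg))
	status, ok := r.messages[key]
	if !ok {
		status = zeroRoot
	}
	if !r.acceptableRoot(status) {
		return false
	}
	r.messages[key] = processed
	r.Payouts = append(r.Payouts, msg)
	return true
}

// HardenedReplica refuses the zero root at deployment and fails closed on
// messages that were never proven, whatever the trusted set contains.
type HardenedReplica struct{ Replica }

func NewHardenedReplica(committedRoot []byte) (*HardenedReplica, error) {
	if bytes.Equal(committedRoot, zeroRoot) {
		return nil, errors.New("refusing to trust the zero root")
	}
	return &HardenedReplica{*NewReplica(committedRoot)}, nil
}

func (h *HardenedReplica) Process(msg []byte) bool {
	if _, proven := h.messages[string(hash(msg))]; !proven {
		return false
	}
	return h.Replica.Process(msg)
}

func main() {
	forged := []byte("withdraw 100 wETH to attacker") // constructed message, never proven
	vuln := NewReplica(zeroRoot)                      // deployed with the zero root committed
	fmt.Println("vulnerable, unproven message paid out:", vuln.Process(forged)) // true
	fmt.Println("vulnerable, replay of same message:", vuln.Process(forged))    // false

	msg := []byte("withdraw 1 wETH to alice")         // constructed legitimate message
	sibling := hash([]byte("another queued message")) // other leaf of a two-leaf tree
	hard, _ := NewHardenedReplica(hash(hash(msg), sibling))
	fmt.Println("hardened, unproven:", hard.Process(msg))                          // false
	fmt.Println("hardened, proof accepted:", hard.Prove(msg, [][]byte{sibling}, 0)) // true
	fmt.Println("hardened, proven message paid out:", hard.Process(msg))           // true
}
```

The two defences are independent: refusing a zero committed root removes the bad trust anchor, and checking for an explicit proof record means a message is rejected even if some other sentinel value ever ends up in the trusted set.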
Harmony Hack
The crypto industry suffered a loss of $100 million through a blockchain bridge attack that targeted the Horizon bridge native to the Harmony layer-1 blockchain. The bridge facilitates the transfer of assets between Harmony and the BNB Smart Chain and Ethereum blockchains.
While it is unknown how the hackers obtained the private keys, it was established that their compromise enabled the exploit. The keys were used to approve a transaction and trigger the transfer of funds.
Harmony’s Horizon Bridge required only two of its five private keys to sign off on a transaction. Once the hackers had stolen two keys, they approved a transaction worth $100 million.
The hack was linked to Lazarus Group, which laundered the funds through Tornado Cash despite being offered a $1 million bounty.
Bridges: The Weakest Link
According to Chainalysis, blockchain bridges are more susceptible to hacks than the blockchain networks themselves. In 2022, bridge hacks accounted for over 52% of all crypto losses and 64% of all DeFi protocol losses.
Bridges are more vulnerable because, despite operating in a decentralized environment, they concentrate all the collateral backing bridged assets in one place. This makes a bridge an easier target regardless of how the assets are held, whether in a smart contract or with a central custodian.
Additionally, despite the many new models being created and tested, successful bridge design remains technically difficult. Each new design offers fresh attack surface that malicious actors may discover over time, even as best practices improve.
Some bridge projects also publish their source code as open source to encourage openness and transparency. While open source promotes trust, it also makes it easier for hackers to examine, duplicate, or find weaknesses in a bridge’s software.
Improving Blockchain Bridge Security
Blockchain bridge security can be compromised through technical approaches, such as finding loopholes in code, or by manipulating people with privileged access to the bridge through techniques such as social engineering.
As such, attempts to improve the security of bridges need to address both classes of vulnerability. On the technical front, developers need to:
Use Multi-Signature Technology
Multi-sig is an approach that requires multiple approvals or signatures before a transaction is carried out and funds are transferred. This prevents a single party from having absolute power, which would create a single point of failure.
By requiring several signatures, it eliminates the single point of failure and makes it difficult for a hacker to obtain approval for a transaction. While the method has been used in the crypto industry for many years, many projects have had to increase the minimum number of required signatures or the total number of signatories for added layers of security.
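A k-of-n check with the Ronin and Harmony lessons built in, as an added example written for this article (Go with Ed25519, not code from any bridge project): distinct validator slots are counted rather than raw signatures, so a duplicate or unknown signer adds nothing, and an assumed delegation list shows how a signing right granted to another key and left without an expiry lets four compromised validator keys reach a 5-of-9 threshold. Key material and the withdrawal message are generated or constructed inside the block; the same Bridge type with Threshold 2 and five validators models Horizon’s 2-of-5 setup.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Constructed model of a k-of-n validator check (not Ronin's or any bridge's
// code). Validators hold Ed25519 keys; a withdrawal is approved when signatures
// from at least Threshold distinct validator slots verify over the message.
// Delegations is an assumed feature standing in for the signing right the
// article describes: it lets one key sign on behalf of a principal validator.

type Signature struct {
	Signer ed25519.PublicKey
	Sig    []byte
}

type Delegation struct {
	Principal int   // validator slot the delegate signs for
	ExpiresAt int64 // unix time after which the right lapses; 0 = open-ended (the weak setting)
}

type Bridge struct {
	Validators  []ed25519.PublicKey
	Threshold   int
	Delegations map[string]Delegation // delegate public key -> granted right
}

// validatorFor maps a signing key to the validator slot it counts for, if any.
func (b *Bridge) validatorFor(pub ed25519.PublicKey, now int64) (int, bool) {
	for i, v := range b.Validators {
		if v.Equal(pub) {
			return i, true
		}
	}
	d, ok := b.Delegations[string(pub)]
	if ok && (d.ExpiresAt == 0 || now < d.ExpiresAt) {
		return d.Principal, true
	}
	return 0, false
}

// Authorize returns how many distinct validator slots validly signed msg and
// whether that count meets the threshold. Unknown signers, bad signatures and
// repeated signatures from one slot add no weight.
func (b *Bridge) Authorize(msg []byte, sigs []Signature, now int64) (int, bool) {
	slots := map[int]bool{}
	for _, s := range sigs {
		slot, ok := b.validatorFor(s.Signer, now)
		if !ok || !ed25519.Verify(s.Signer, msg, s.Sig) {
			continue
		}
		slots[slot] = true
	}
	return len(slots), len(slots) >= b.Threshold
}

// Scenario builds a 5-of-9 bridge in which one operator holds four validator
// keys plus a service key to which validator 8 delegated its signing right.
// It returns the slots covered by that operator's signatures and whether the
// threshold was met; expiresAt is the delegation's expiry (0 = never).
func Scenario(expiresAt, now int64) (int, bool) {
	b := &Bridge{Threshold: 5, Delegations: map[string]Delegation{}}
	var privs []ed25519.PrivateKey
	for i := 0; i < 9; i++ {
		pub, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			panic(err)
		}
		b.Validators = append(b.Validators, pub)
		privs = append(privs, priv)
	}
	servicePub, servicePriv, _ := ed25519.GenerateKey(rand.Reader)
	b.Delegations[string(servicePub)] = Delegation{Principal: 8, ExpiresAt: expiresAt}

	msg := []byte("withdraw 173600 ETH to attacker") // constructed withdrawal message
	operatorKeys := []ed25519.PrivateKey{privs[0], privs[1], privs[2], privs[3], servicePriv}
	var sigs []Signature
	for _, k := range operatorKeys {
		sigs = append(sigs, Signature{Signer: k.Public().(ed25519.PublicKey), Sig: ed25519.Sign(k, msg)})
	}
	sigs = append(sigs, sigs[0]) // signing twice with one key must not count twice
	return b.Authorize(msg, sigs, now)
}

func main() {
	slots, ok := Scenario(0, 1700000000)
	fmt.Printf("open-ended delegation: %d of 9 slots, authorized=%v\n", slots, ok) // 5, true
	slots, ok = Scenario(1600000000, 1700000000)
	fmt.Printf("expired delegation:    %d of 9 slots, authorized=%v\n", slots, ok) // 4, false
}
```

Raising the threshold helps only if the slots it counts are genuinely independent; a standing delegation quietly collapses two slots into one operator, so any such right should expire automatically and be revoked as soon as the load it was granted for subsides.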
Audits
Code itself is another source of vulnerabilities on bridges. Hackers can find loopholes by exploring the code and exploit them to steal assets. Therefore, bridges must undergo exhaustive reviews and audits to identify vulnerable code in a controlled environment.
Third-party audits, such as those by Trail of Bits, Solidified, Ackee Report, Halborn, or Code4rena, are also recommended.
These audits should also cover newly written code before it is merged into production, to identify vulnerabilities that could be introduced by the changes.
Optimistic Approach
In this approach, the bridge assumes that all transactions are valid and instead relies on third-party participants, who are rewarded for their work, to flag suspicious transactions before they are executed.
These participants pick up on suspicious transactions and dispute them for further investigation, making the bridge more secure. The security comes at the expense of transaction speed, since every transaction has to wait for the challenge period, during which third parties can flag it, to elapse.
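A minimal model of the challenge window, as an added example written for this article and not taken from any bridge: a submitted root becomes usable only after an assumed 30-minute period elapses undisputed, a dispute raised inside the window blocks execution for good, and a dispute raised after the window is refused. Time is passed in as a unix timestamp so the model is deterministic, and the model does not check that a message belongs to its root (that is the job of the Merkle inclusion proof).

```go
package main

import (
	"errors"
	"fmt"
)

// Constructed model of an optimistic bridge (not any project's code): an updater
// posts a claimed state root, watchers may dispute it during the challenge
// window, and messages under that root execute only once the window has closed
// without a dispute. The caller supplies the current time.

type pendingRoot struct {
	readyAt  int64
	disputed bool
}

type OptimisticBridge struct {
	ChallengePeriod int64 // seconds a root must survive before it can be relied on
	roots           map[string]*pendingRoot
	Executed        []string
}

func NewOptimisticBridge(period int64) *OptimisticBridge {
	return &OptimisticBridge{ChallengePeriod: period, roots: map[string]*pendingRoot{}}
}

// SubmitRoot records a claimed root; it becomes usable at now + ChallengePeriod.
// A root can be submitted once, so a disputed root cannot be re-posted to reset its clock.
func (o *OptimisticBridge) SubmitRoot(root string, now int64) error {
	if _, exists := o.roots[root]; exists {
		return errors.New("root already submitted")
	}
	o.roots[root] = &pendingRoot{readyAt: now + o.ChallengePeriod}
	return nil
}

// Dispute lets a watcher flag a root, but only while its window is still open.
func (o *OptimisticBridge) Dispute(root string, now int64) error {
	p, ok := o.roots[root]
	if !ok {
		return errors.New("unknown root")
	}
	if now >= p.readyAt {
		return errors.New("challenge window closed")
	}
	p.disputed = true
	return nil
}

// Acceptable is true only for a root whose window elapsed with no dispute.
func (o *OptimisticBridge) Acceptable(root string, now int64) bool {
	p, ok := o.roots[root]
	return ok && !p.disputed && now >= p.readyAt
}

// Execute releases a message attributed to root if that root is acceptable now.
func (o *OptimisticBridge) Execute(root, message string, now int64) bool {
	if !o.Acceptable(root, now) {
		return false
	}
	o.Executed = append(o.Executed, message)
	return true
}

func main() {
	b := NewOptimisticBridge(30 * 60) // 30-minute window, an assumed parameter
	_ = b.SubmitRoot("root-A", 1000)
	fmt.Println("A at t=1000:", b.Execute("root-A", "pay alice", 1000))   // false: window still open
	fmt.Println("A at t=2800:", b.Execute("root-A", "pay alice", 2800))   // true: elapsed undisputed
	_ = b.SubmitRoot("root-B", 1000)
	fmt.Println("dispute B at t=1500:", b.Dispute("root-B", 1500))        // <nil>: inside the window
	fmt.Println("B at t=2800:", b.Execute("root-B", "pay mallory", 2800)) // false: disputed
	fmt.Println("dispute A at t=2900:", b.Dispute("root-A", 2900))        // error: window closed
}
```

The trade-off the text describes is visible in the numbers: a longer ChallengePeriod gives watchers more time to catch a forged root, and every honest transfer waits that long as well.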
Education
On the human side, bridge owners can educate their developers and anyone with privileged access on how to identify and avoid social engineering and phishing scams.
These people should also keep up with the latest trends and hacks to learn the new ways in which hackers are scamming developers out of information that could compromise the bridge.
The Bottom Line
Undoubtedly, the growth in the number of blockchain bridges has brought with it an increase in losses. Those losses have inevitably affected the market, temporarily depressing asset prices or reducing transaction volume.
Hackers are continuously evolving their techniques and advancing their approaches. Fortunately, developers and platforms are also reinforcing the security of the bridges and being more vigilant about their approach to securing the platform.
Additionally, the sector might eventually be regulated with standards and frameworks put in place to ensure the overall security of the sector. As a result, albeit slowly, the DeFi landscape will become more secure and less threatened by hacks. This will encourage and inspire trust in investors, resulting in growth in the sector.