Wormhole, one of the most popular bridges linking the Ethereum and Solana blockchains, lost about $320 million in an apparent hack Wednesday afternoon
One of the most popular bridges linking the Ethereum and Solana blockchains lost more than $320 million Wednesday afternoon in an apparent hack.
It is DeFi’s second-biggest exploit ever, just after the $600 million Poly Network crypto heist, and it is the largest attack to date on solana, a rival to ethereum that is increasingly gaining traction in the non-fungible token (NFT) and decentralized finance (DeFi) ecosystems.
Ethereum is the most used blockchain network, and it is a big player in the world of DeFi, in which programmable pieces of code known as smart contracts can replace middlemen like banks and lawyers in certain types of business transactions. A more recently introduced competitor, solana, is growing in popularity, because it is cheaper and faster to use than ethereum.
Crypto holders often do not operate exclusively within one blockchain ecosystem, so developers have built cross-chain bridges to let users send cryptocurrency from one chain to another.
Wormhole is a protocol that lets users move their tokens and NFTs between solana and ethereum.
Developers representing Wormhole confirmed the exploit on its Twitter account, saying that the network is “down for maintenance” while it looks into a “potential exploit.” The protocol’s official website is currently offline.
An analysis from blockchain cybersecurity firm CertiK shows that the attacker’s profits thus far are at least $251 million worth of ethereum, nearly $47 million in solana, and more than $4 million in USDC, a stablecoin pegged to the price of the U.S. dollar.
Bridges like Wormhole work by having two smart contracts — one on each chain, according to Auston Bunsen, co-founder of QuikNode, which provides blockchain infrastructure to developers and companies. In this case, there was one smart contract on solana and one on ethereum. A bridge like Wormhole takes an ethereum token, locks it into a contract on one chain, and then on the chain at the other side of the bridge, it issues a parallel token.
Preliminary analysis from CertiK shows that the attacker exploited a vulnerability on the solana side of the Wormhole bridge to create 120,000 so-called “wrapped” ethereum tokens for themselves. (Wrapped etherum tokens are pegged to the value of the original coin but are interoperable with other blockchains.) It appears that they then used these tokens to claim ethereum that was held on the ethereum side of the bridge.
Prior to the exploit, the bridge held a 1:1 ratio of ethereum to wrapped ethereum on the solana blockchain, “acting essentially as an escrow service,” according to CertiK.
“This exploit breaks the 1:1 peg, as there is now at least 93,750 less ETH held as collateral,” continued the report.
Wormhole says that ethereum will be added to the bridge “over the next hours” to ensure that its wrapped ethereum tokens remain backed, but it is unclear where it’s getting the funds to do this.
Ethereum founder Vitalik Buterin previously made the case that bridges won’t be around much longer in the crypto ecosystem, in part because there are “fundamental limits to the security of bridges that hop across multiple ‘zones of sovereignty.’”
CertiK noted in its post-mortem report of the incident that when bridges hold hundreds of millions of dollars of assets in escrow and multiply their possible vectors of attack by operating across two or more blockchains, they become prime targets for hackers.
Crypto platforms have faced a number of high-value exploits in recent months.
“The $320 million hack on Wormhole Bridge highlights the growing trend of attacks against blockchains protocols,” said CertiK co-founder Ronghui Gu. “This attack is sounding the alarms of growing concern around security on the blockchain.”
Please Read Essential Disclaimer Information Here.
© 2024 Crypto Caster provides information. CryptoCaster.world does not provide investment advice. Do your research before taking a market position on the purchase of cryptocurrency and other asset classes. Past performance of any asset is not indicative of future results. All rights reserved.
Contribute to CryptoCaster℠ Via Metamask or favorite wallet. Send Coin/Token to Addresses Provided Below.
Thank you!
BTC – bc1qgdnd752esyl4jv6nhz3ypuzwa6wav9wuzaeg9g
ETH – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
SOL – DLvdMu85dW6pZMhw2E4S3pp81qQQGpy5UcdTsFEFBu4b
LITECOIN – ltc1qxsgp5fykl0007hnwgl93zr9vngwd2jxwlddvqt
Support CryptoCaster with any amount of Bitcoin by copying and pasting our Unstoppable Domain; villagewest.crypto in your sending wallet or crypto coin exchange.
Your contribution support will help in our growth, coverage, and global presence. CryptoCaster is a decentralized publisher “Covering a Global Evolution Re-defining Mediums Of Exchange”. We will continue to upgrade and create impactful sections to our lineup.
Any amount, as often as you can contribute will be greatly appreciated.
Every contribution, however big or small, is so valuable for our future. Thank you for your consideration and support!
Member of Global Meta Media Consortium℠ – www.g2mc.world