
Verichains detailed report reveals vulnerabilities behind Ronin chain attack, resulting in $10 million in losses

WBOY
Release: 2024-08-19 06:27:29

Blockchain cybersecurity company Verichains has revealed details of the Ronin chain attack that occurred on August 6th, which caused losses of approximately $10 million.

Cybersecurity firm Verichains revealed details on August 6 about the Ronin chain attack, which resulted in an approximate loss of $10 million. The attack was carried out by an MEV (maximum extractable value) bot controlled by a white hat hacker who later returned the funds. However, the incident raised significant concerns.

An update to the Ronin bridge's contracts introduced a vulnerability that the bot exploited, according to the Verichains report. This bridge connects Ethereum to the Ronin blockchain, a gaming network that hosts popular titles such as Axie Infinity. The contract update overlooked a critical function, allowing anyone to withdraw funds from the bridge without validation.

Every transaction is validated by network participants and processed through a consensus, enabled by the minimumVoteWeight variable. This variable uses the totalWeight variable as input. But during the update, totalWeight's value was set to zero, rather than the value in the previous contract. As a result, users could withdraw funds without a signature, as the updated contract permitted.

In an X post on August 7, Composable Security auditor Damian Rusniek stated, "The signer is 0x27120393D5e50bf6f661Fd269CDDF3fb9e7B849f but this address is not on the bridge operators list. This means that only ONE signature was required and it could be ANY valid signature." They concluded with the same finding as Verichains, "The root cause was that the minimum votes of the operators was 0. Anyone has 0!"
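
The failure mode described above, reduced to a small Python model (an added example, not the Ronin bridge's contract code or Verichains' analysis). Only `totalWeight` and `minimumVoteWeight` come from the article; the class, the 70% ratio, the operator names and the invariant check are assumptions, and signature recovery is abstracted to a list of signer addresses.

```python
# Simplified model of a weighted-quorum withdrawal check. NOT the Ronin contract.
# Hypothetical names throughout; the 7/10 ratio and operator set are constructed.

class BridgeModel:
    def __init__(self, operators, num=7, denom=10):
        self.operators = dict(operators)    # operator address -> vote weight
        self.num, self.denom = num, denom   # quorum ratio (assumed value)
        self.total_weight = 0               # zero until an initializer sets it

    def initialize_weights(self):
        # The upgrade step whose absence leaves total_weight at zero.
        self.total_weight = sum(self.operators.values())

    def minimum_vote_weight(self):
        # ceil(total_weight * num / denom); evaluates to 0 when total_weight is 0
        return (self.total_weight * self.num + self.denom - 1) // self.denom

    def collected_weight(self, signers):
        # Addresses that are not operators contribute weight 0.
        return sum(self.operators.get(s, 0) for s in set(signers))

    def withdraw_allowed_vulnerable(self, signers):
        # With a zero threshold, 0 >= 0 holds for any signer at all.
        return self.collected_weight(signers) >= self.minimum_vote_weight()

    def withdraw_allowed_hardened(self, signers):
        threshold = self.minimum_vote_weight()
        if self.total_weight == 0 or threshold == 0:
            return False                    # fail closed on an uninitialized quorum
        return self.collected_weight(signers) >= threshold


def post_upgrade_invariants(bridge):
    """Checks a deployment script could run right after an upgrade."""
    problems = []
    if bridge.total_weight != sum(bridge.operators.values()):
        problems.append("total_weight does not match operator weights")
    if bridge.minimum_vote_weight() == 0:
        problems.append("minimum_vote_weight is zero")
    return problems


if __name__ == "__main__":
    bridge = BridgeModel({"op1": 100, "op2": 100, "op3": 100})  # constructed data
    print(bridge.withdraw_allowed_vulnerable(["outsider"]))     # upgrade skipped init
    print(post_upgrade_invariants(bridge))
```

Running the invariant check as a gate in the upgrade procedure catches the zero threshold before the new implementation handles any withdrawal.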

Ronin Offered $500,000 of the Exploited Funds to the White Hat Hacker

The MEV bot discovered this through simulations and executed the transaction, leading to the $10 million exploit. The white hat hacker's return of these funds ensured that Ronin developers discovered the issue before malicious actors could intervene. The network allowed the individual to keep $500,000 of the exploited value as a bug bounty reward.
