AxieInfinity suffered a $550+ million hack and nobody noticed for 6 days! Additional funds were put at risk due to a delayed response to the incident. Christian Seifert, researcher-in-residence shares all the details on the attack and how Forta could have prevented it.
On March 29th, the world learned about another massive Web3 hack that made it to the top position on the Rekt leadership board. We learned recently that the FBI seems to attribute the attack to the Lazarus Group, a threat actor associated with the North Korean government showcasing that Web3 is faced with some formidable adversaries that make a comprehensive security approach a must.
This time, the hack involved yet another bridge. The top 3 hacks on the leadership board happened on cross-chain bridges (with Poly Network and Wormhole being the other two). Bridges are needed to transfer tokens from one chain to another. However, in doing so, the user accepts inherent security risk associated with bridges. First, bridged tokens inherit the security properties of the chain the tokens are bridged to. For instance, the security of a WETH token on Ethereum Mainnet is very different to the security of the bridged WETH token on a different chain as pointed out recently by Vitalik Buterin. Second, bridges are inherently more complex in that the whole bridge requires several multi-chain components that need to synchronize state across chains.
How the Ronin Bridge works
The Ronin bridge essentially exists in two parts. A bridge contract on the Ethereum Mainnet and a set of Ronin Validators/ Contracts on the Ronin side. When a user wants to withdraw tokens previously bridged to the Ronin network, they have to deposit those tokens on the Ronin bridge and a set of validators generate a signature that then is passed to the withdrawal function (as shown in Figure 1) of the Ronin bridge Ethereum mainnet contract. Five of the nine validators need to be involved in the signature generation. The signature then gets validated by the contract, and the tokens are sent to the user’s Ethereum mainnet wallet.
Figure 1 – Parameters passed into the withdrawal function
Figure 2 – The Ronin Bridge Attack Steps
The attack on the Ronin bridge was essentially a private key theft as illustrated in Figure 1. The attacker obtained access to four keys of the Sky Marvis validators (Step 1). How they did so has not yet been disclosed. However, four validators is not sufficient to generate a valid signature. A fifth key is needed and the attacker obtained this key through an open RPC to the Axie DAO validator. This RPC was opened back in November 2021 to handle the Ronin network’s load; the practice was stopped in December 2021, but the RPC access was never revoked, which allowed the attacker to obtain the essential fifth key (Step 2) to generate a valid signature for withdrawals. Step 3, the final step, involved issuing simple withdrawal requests for ETH and USDC using the generated signatures
Interestingly, the bridge did not only hold ETH and USDC, but also large quantities of AXS tokens. The attacker did not choose to withdraw those tokens from the bridge. Given they had the five necessary keys, they certainly could have done so. The impact of this would have been to the tune of almost USD 3 billion! Why they did not do so is unknown. It could have been merely an oversight or simply realizing that cashing out on large quantities of AXS tokens was not feasible due to low liquidity.
Nobody noticed for 6 days
The other interesting fact of this attack was that it remained undiscovered for six days! A user tried to withdraw 5,000 ETH from the Ronin bridge, which failed, which was the trigger for the investigation, subsequent public disclosure, and pausing of the bridge. It is important to note that the bridge was actively being used by users in this period and several thousand ETH and USDC deposited after the attack were subsequently at risk.
Inability to identify attacks as they occur not only put further user assets at risk, but also diminishes the ability to contain the blast radius of the attack. The attacker was given ample opportunity to exchange funds to native tokens and send funds to exchanges without any watchful eyes. Forta, a decentralized real-time detection network for security & operational monitoring of blockchain activity, is an essential layer to a comprehensive security approach. It monitors each transaction and generates alerts to identify an imminent or attacks in progress.
How Forta could have helped detect it
Figure 3 – Ronin Bridge Attack Timeline
For the attack in question, two high confidence alerts fired. The first one at 03/23/2022 01:46:46 PM UTC indicating high gas usage (shown in Figure 4) and the second one a few minutes later on high value transactions. While these alerts are fairly noisy overall, in context of the Ronin bridge contract, it was highly abnormal and could have represented a high confidence signal of an attack as shown in Figure 5.
Figure 4 – High Gas Alert
Figure 5 – Priority Fees for Ronin Bridge Transactions
The Ronin attack was yet another unfortunate attack that may have been prevented through a comprehensive security approach. Large numbers of users have lost funds either through the token theft or unexpected price movement that was triggered by the attack. It seems like Sky Marvis secured 150M in funds and is planning to use a portion of those funds to mitigate the financial impact of the attack.
Financial impact is just one consequence of this attack; loss of trust is another that is much more difficult to repair. We urge all Web3 projects to consider their approach to security. Was an audit conducted? Do you have a bug bounty in place? Do you have monitoring and incident response processes? Forta can help you to quickly put comprehensive monitoring coverage in place for your project supporting a broad range of L1/L2 chains. Build your own detection bot or subscribe to existing bots on the Forta App to get started.
Get into all the details
USDC – 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48
WETH – 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2
AXS – 0xBB0E17EF65F82Ab018d8EDd776e8DD940327B28b
SLP – 0xCC8Fa225D80b9c7D42F96e9570156c65D6cAAa25
RON – Native Token to Ronin Bridge
Ronin is a side chain that supports the Axie Infinity game. The chain token is RON; the game tokens are AXS and SLP. The side chain is required for low cost, high transaction volume to support the game ecosystem. To create high throughput, the blockchain trilemma caused Ronin to compromise on decentralization to support speed.
In order to transfer funds from Ethereum Mainnet to the Ronin network, the Ronin Bridge must be used. It holds SLP, AXS, ETH and USDC. Prior to the hack, it held nearly 3.6B US Dollars.
– Category: Gaming; Play-to-Earn
– Twitter Handle: @Ronin_Network
– Chains supported: Ethereum Mainnet/Ronin
– Launch Date: 2/1/202
To create high throughput, the Ronin bridge compromised on decentralization to support speed, which made it susceptible to this attack. Further, the overall security approach of the project was weak with crucial aspects, such as auditing and monitoring lacking.
Total: ~986M USD (estimates based on token prices in USD at time of the hack)
Loss in tokens stolen:
173,000ETH (~519M USD)
Losses in market cap of affected tokens (example chart on RON price movements shown below):
RON – ~66M USD MarketCap Loss
SLP – ~10.76M USD MarketCap Loss
AXS – ~365M USD MarketCap Loss