Solana Bridge Hack and the Safety of Crypto Token Bridges
A few days ago Wormhole, a popular crypto bridge was hacked. The attack allowed the hacker to be able to mint 120,000 wrapped Ethereum worth about $325 million. It is one of the largest exploits in crypto history and the second largest in the DEFI space.
Before getting into this further, let’s first discuss a little background on crypto bridges.
Different blockchains cannot communicate with each other. Cross chain bridges have been developed to allow users to send crypto from one blockchain to another. One example would be sending a wrapped token pegged to the price of the original coin. Another example would be sending a stablecoin like Tether from one chain to another.
There are two types of bridges: centralized and decentralized smart contract. Wormhole is an example of the decentralized type (DEFI).
Smart contract bridges work by locking up the original coin in a smart contract. Then a new wrapped token is minted on the target chain.
In this case, the smart contract on the Solana side had an exploit or bug that allowed the hacker to mint the Solana wrapped Ether(wETH). The attacker then sent the wETH back through the bridge and converted the tokens to real Ethereum.
Two potential security issues with bridges are the bridge itself and the smart contract. The smart contract code is on both sides of the bridge. In this case, it was a smart contract code hack on the Solana side.
Wormhole offered the hacker an opportunity to become a white hat. They sent a message to the hacker saying that they will pay 10 million dollars in exchange for exploit details and the return of all the wETH minted.
Wormhole is now back up and running. You can see from the screenshot below that it offers bridging between 7 different blockchains. Most of these blockchains are in the top 10 in marketcap.
Most people believe that the company backing Wormhole paid for the missing funds and not the hacker. It’s a little hard to believe any company even an investment firm or hedge fund could afford to replace the missing money. This story had a happy ending for those users of the platform whose money was at stake. Though that may not be the case the next time something like this happens.
I worry that in the future we will see more hacks in the DEFI space. This is unfortunate for many of us who are invested in this. DEFI is heavily run on smart contract code and there always the possibility of hackers finding opportunities to exploit.
While on the topic of bridges, before I go here is a funny meme that I found online.
Nice post and memes! !1UP30 !PIZZA !PGM
PIZZA Holders sent $PIZZA tips in this post's comments:
@dynamicrypto(7/15) tipped @ninjamike (x1)
You can now send $PIZZA tips in Discord via tip.cc!
You have received a 1UP from @dynamicrypto!
@leo-curator, @meme-curator, @neoxag-curator, @pob-curator, @vyb-curatorAnd they will bring !PIZZA 🍕
Learn more about our delegation service to earn daily rewards. Join the family on Discord.
Congratulations @ninjamike! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s):
Your next target is to reach 4750 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPCheck out the last post from @hivebuzz:
Support the HiveBuzz project. Vote for our proposal!