Summary of Cross-chain Bridge Attacks 2022

Summary of Cross-chain Bridge Attacks 2022

Summary of Cross-chain Bridge Attacks 2022

Summary of Cross-chain Bridge Attacks 2022

Summary of Cross-chain Bridge Attacks 2022

Read Time: 6 minutes

As newer blockchains continue to launch, cross-chain bridges are becoming more indispensable than ever to enhance the interoperability between blockchain ecosystems. 

Having said that, the new innovation also lays the surface for a large number of attack vectors. According to Chainalysis, Cross-chain bridge hacks alone make up to 69% of stolen funds in 2022. 

There have been 13 cross-chain bridge attacks back and forth, with 2022 being the year with the most majority. 

This article gives a concise of all the cross-chain hack events of 2022 for better clarity on the security of cross-chain bridges in today’s times. 

How Do Cross-Chain Bridges Yield Interoperability Of Crypto Assets?

Let’s understand the operation of a cross-chain bridge through an example. 

A user has assets on the Ethereum network but needs to use them on Polygon. He immediately seeks a centralized exchange like Coinbase or Binance and converts his ETH holdings into MATIC to use on Polygon. 

Now, he wants the remaining MATIC token to be converted back into ETH. So, he will have to go through the same process all over again. 

Interestingly, cross-chain bridges get the process straight and provide an easier way to transfer assets back and forth between different blockchain networks. 

How does it do that?

Most cross-chain bridges function on the lock-and-mint model to achieve interoperability

The same scenario wherein the user wants to use ETH tokens on the Polygon network. Let’s look at how he can do it through a cross-chain bridge.

  • The user can send the ETH token to a specific address on the Ethereum chain and pay the transaction fee. 
  • The ETH tokens are locked in a smart contract by the validator or held by a custodial service.
  • Now MATIC tokens of value equal to locked ETH tokens are minted on the Polygon chain (i.e. destination chain)
  • The user receives the MATIC token in his wallet and he can use it to make transactions 

What if the user wants to get back his ETH token?

This is where the ‘burning of tokens’ comes into the picture. 

  • User can send their remaining MATIC token in the wallet to a specific address in the Polygon chain. 
  • These MATIC tokens are burned such that the funds cannot be reused
  • The smart contracts or custodial service releases the ETH token and credits them in the user’s wallet. 

In reality, cross-chain bridges work by wrapping tokens to be used from one blockchain to another. 

If a user wants to use Bitcoin in the Ethereum network, cross-chain bridges convert the BTC in Bitcoin blockchain into wrapped Bitcoin (wBTC) on the Ethereum blockchain. 

By looking at this, we can easily say there are considerable complexities as the source, and destination blockchain uses two different smart contracts. And therefore, issues from either side puts the user’s funds at risk. 

Bridges Can Be Of Two Types: Trusted & Trustless

Broadly, the bridge type determines who holds power over the funds. 

Trusted bridges are operated by central entities that take custody of the funds transferred through bridges.

Trustless bridges function on smart contracts and algorithms, and the smart contract itself initiates every action. So in that way, users have control over their assets. 

Disruptions That Led To Cross-Chain Bridge Breaches

Recent records of hacks from 2021-22 clearly depict that DeFi bridges are the most sought-after targets by attackers. 

Tracing the hacks that have ever happened since the foundation of cross-chain bridges

As said before, 2022 contributes to the majority of hacks and let’s look at what went wrong in all of these hacks. 

BSC (Unaudited)

“2M BNB token worth $586M stolen from BSC token hub.”

BSC token hub is a Binance bridge connecting the old Binance Beacon chain and the BNB chain. The attacker by showing false proof of deposit on the Binance Beacon chain, minted 2M BNB from the BNB bridge.

The hacker exploited the flaw in the Binance bridge that verified proofs and borrowed 1M BNB each from two transactions. 

The attacker then used the borrowed fund as collateral on the BSC lending platform Venus protocol, and the liquidity was instantly transferred to other blockchain networks.

Nomad Attack

“Nomad bridge fell for a savage attack losing $190M of liquidity”

Nomad turned out to be a permissionless hack that anyone could join in and exploit. Following the routine contract upgrade, the Replica contract was initialised with a bug. 

process() function is responsible for cross-chain message execution and has an internal requirement to validate the merkle root for processing the messages. 

Taking advantage of the coding bug, the exploiter was able to call the process() function directly without having to ‘prove’ their validity.

The bug in the code validated the ‘messages’ value of 0 (invalid, according to legacy logic) as ‘proven’. Thus, this meant any process() call was approved as valid, leading to the exploit of funds from the bridge.

Many hackers took the chance to loot massive money through a simple copy/paste of the same process() function call via Etherscan. 

Harmony Bridge

“Harmony hit the hard road losing over $100M to a private key compromise”

Harmony bridge was secured by 2 of 5 multisig, where the attack vector managed to gain access to two addresses. 

The hacker used the compromised address that was necessary to pass any transaction and finally took $100M in their hands from the bridge. 

Few suspect that the private key compromise may be due to the hacker gaining access to the servers that run these hot wallets. 

Ronin Network (unaudited)

“The biggest of the crypto hacks – Ronin exploit for ~$624M”

Ronin was an Ethereum side-chain that worked on the Proof of Authority model with nine validators for approving transactions.

Five out of nine validator approval is required to approve deposit and withdrawal transactions. Out of this, four validators are internal team members, and only one more signature is needed to authorize transactions. 

In addition to compromising the four internal validator nodes, the hacker also gained access to this fifth signature, draining the funds from the Ronin bridge contract. 

Regrettably, the attack was identified after it’s been almost a week. 

Meter.io (Unaudited)

“$4.4M taken from Meter.io due to bridge attack”

Meter.io, a fork of chainSafe’s ChainBridge, launched with a change in the deposit method by the ERC20 handler. 

The discrepancies in the deposit method were leveraged by the hacker, who loots away funds by sending an arbitrary amount in the calldata.

Wormhole

“Wormhole incident with the hacker netting $326M in the process”

Wormhole, a Solana bridge, was manipulated to believe 120k ETH was deposited on Ethereum, which allowed the hacker to mint equivalent wrapped assets on Solana. 

The hackers took advantage of the shortcomings in the ‘Solana_program::sysvar::instructions’ and in the ‘Solana_program’ that didn’t verify the address correctly. Using this, the attacker provided address containing just 0.1 ETH and produced a fake ‘Signature set’ to fraudulently mint 120k wrapped ETH on Solana. 

Qbridge (Unaudited)

“Qbridge under the lens for $80M exploit”

Qubit allows the cross-chain collateralisation of assets between Ethereum and BSC.

The logic error in the bug made xETH available on BSC without an ETH deposit on Ethereum. This made hackers acquire collateral loans on Qubit despite not having any deposits locked in the Ethereum contract. 

Some Light On Cross-Chain Bridge Security

In addition to the security measures in-built with the protocol design, performing thorough and regular audit check-ups minimises the risk surface of attacks. QuillAudits pioneer as a Tier-1 auditing firm with a good global reputation for securing projects. 

4,429 Views

Blockchain for dog nose wrinkles' Ponzi makes off ~$127M🐶

Project promised up to 150% returns on investment in 100 days, raising about 166.4 billion South Korean won — or about $127 million — from 22,000 people.

Latest blogs for this week

Understanding Fuzzing and Fuzz Testing: A Vital Tool in Web3 Security

Read Time: 5 minutes When it comes to smart contracts, ensuring the robustness and security of code is paramount. Many techniques are employed to safeguard these contracts against vulnerabilities
Read More

How EigenLayer’s Restaking Enhances Security and Rewards in DeFi

Read Time: 7 minutes Decentralized finance (DeFi) relies on Ethereum staking to secure the blockchain and maintain consensus. Restaking allows liquid staking tokens to be staked with validators in
Read More

ERC 404 Standard: Everything You Need to Know

Read Time: 7 minutes Introduction Ethereum has significantly shaped the crypto world with its introduction of smart contracts and decentralized applications (DApps). This has led to innovative developments in
Read More

DNS Attacks:  Cascading Effects and Mitigation Strategies

Read Time: 8 minutes Introduction DNS security is vital for a safe online space. DNS translates domain names to IP addresses, crucial for internet functionality. DNS ensures unique name-value
Read More

EIP-4844 Explained: The Key to Ethereum’s Scalability with Protodanksharding

Read Time: 7 minutes Introduction  Ethereum, the driving force behind dApps, has struggled with scalability. High fees and slow processing have limited its potential. They have kept it from
Read More

QuillAudits Powers Supermoon at ETH Denver!

Read Time: 4 minutes Calling all the brightest minds and leaders in the crypto world! Are you ready to build, connect, and innovate at the hottest event during ETH
Read More

Decoding the Role of Artificial Intelligence in Metaverse and Web3

Read Time: 7 minutes Introduction  Experts predict a transformative shift in global software, driven by AI and ML, marking the dawn of a new era. PwC predicts AI will
Read More

Transforming Assets: Unlocking Real-World Asset Tokenization

Read Time: 7 minutes In the blockchain, real-world assets (RWAs) are digital tokens that stand for tangible and conventional financial assets, including money, raw materials, stocks, and bonds. As
Read More
Scroll to Top

Become a Quiffiliate!
Join our mission to safeguard web3

Sounds Interesting, Right? All you have to do is:

1

Refer QuillAudits to Web3 projects for audits.

2

Earn rewards as we conclude the audits.

3

Thereby help us Secure web3 ecosystem.

Total Rewards Shared Out: $200K+