More than three months after one of the biggest DeFi heists to date was executed by the attackers, the Ronin bridge is once again operational. The bridge that links the NFT game Axie Infinity’s Ronin sidechain to the Ethereum mainnet is now operational again after an exploit resulted in the theft of cryptocurrency assets worth $622 million.
In terms of total trade volume, the most popular NFT-based video game, Axie Infinity, saw one of the biggest DeFi hacks ever in March. The bridge that was exploited to link Ethereum to the game’s sidechain has now been fixed.
The Ronin Bridge is open!
— Axie Infinity?? (@AxieInfinity) June 28, 2022
• All user funds are fully backed 1:1 by the new bridge.
• The bridge has undergone an internal audit and two external audits.
• We are still on track to release Land Staking this week.
? : https://t.co/QX9hY1xKYX
Almost three months to the day after the studio revealed the hack, Axie Infinity creator Sky Mavis confirmed today that the Ronin bridge is again fully operational once more. The Ronin network may now accept deposits and withdrawals from users.
On March 23, the bridge—which lets users transfer funds between the Ronin sidechain and Ethereum’s mainnet—was breached, and the thieves made off with 173,600 ETH and 25.5 million USDC stablecoin.
At the time of the attack, the assets’ total value was around $552 million, and it had increased to $622 million by the time Sky Mavis disclosed the exploit on March 29.
The Lazarus Group, a notorious North Korean state-sponsored cyber organization, was linked by the US Treasury in April to the Ronin bridge attack. Lazarus had previously been connected to the 2014 Sony Pictures hack, the 2017 WannaCry ransomware attack, and other exploits.
The Ronin Bridge was going to be restored last week, and Sky Mavis revealed that to do so, the network would need to undergo a hard fork. To enable the restart, all Ronin validators have to upgrade their software. Along with external audits from Verichains and Certik, the firm audited the code internally.
Users of Ronin who had money taken in the attack have received refunds, according to Sky Mavis. The business stated in a blog post today that “all users have been made whole.”
The Ronin bridge was susceptible because of insufficient decentralization, according to the creator of Axie Infinity, whose company controlled roughly half of the validators who authorized transactions. Ultimately, the firm claimed, the attacker was able to sign transactions to steal the money by accessing five of the nine total validators via “hacked private keys.”
Image Credit: Shutterstock
Keep in mind that we may receive commissions when you click our links and make purchases. However, this does not impact our reviews and comparisons. We try our best to keep things fair and balanced, in order to help you make the best choice for you.
