Norwegian Authorities Seize Crypto Worth $6M From Axie Infinity Heist With FBI’s Help

February 18, 2023 Bitcoin.com

Battle-hardened Ronin bridge to Axie reopens following $600M hack

June 29, 2022 Coin Telegraph

Battle-hardened Ronin bridge to Axie reopens following 0M hack

The Ronin bridge tied to Axie Infinity is back up with a new design after Sky Mavis introduced a circuit breaker system and daily withdrawal limits.

Sky Mavis, developers of the popular play-to-earn (P2E) NFT game Axie Infinity have announced that the Ronin bridge is back online three months after it was hacked for more than $600 million.

The Ronin bridge is an Ethereum sidechain built for Axie Infinity, and it enables users to transfer assets between the sidechain and the Ethereum mainnet.

On March 29, 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) was drained from the bridge after hackers managed to gain access to private validator keys. The hack was worth more than $620 million at the time.

According to the June 28 announcement from the Sky Mavis team, the Ronin bridge is back online after three audits (one internal, two external), a new design and full compensation of users' stolen assets.

“All wETH and USDC owned by Ronin Network users is now fully backed 1:1 by ETH and USDC on Ethereum, as promised. All users’ have been made whole.”

In total, Sky Mavis has now reimbursed 117,600 ETH and 25.5 million USDC by providing the ETH liquidity to back users’ wrapped ETH (wETH) on the Ronin network.

In April, around 46,000 of that ETH had already been compensated after Binance provided a bridge to its exchange so that users could swap out wETH for ETH. Liquidity was sourced from the Axie Infinity balance and founders' funds to support the move. Binance also led a $150 million funding round to help Sky Mavis repay Axie Infinity users.

The remaining 56,000 of the total stolen ETH belongs to the Axie DAO Treasury and will remain uncollateralized as Sky Mavis “works with law enforcement to recover the funds.”

good job.
— CZ Binance (@cz_binance) June 28, 2022

As part of the revamped bridge design, Sky Mavis has updated the smart contract software to enable validators to set daily withdrawal limits, with the initial amount set at $50 million at this stage. The team also introduced a circuit breaker system that breaks down the monetary value of withdrawals into three tiers.

Tier 1 is for withdrawals less than $1 million, and requires 70% of validators to sign off, and tier 2 is for amounts greater than $1 million and requires 90% of validator signatures. Tier 3 is for withdrawals greater than $10 million and requires a 90% validator sign-off, a small transaction fee and a seven-day review process.

“The new bridge design includes a circuit-breaker system as a contingency plan which increases the security of the bridge by halting large suspicious withdrawals.”

Sky Mavis admitted in a postmortem report in late April that its lack of decentralization had made the Ronin bridge vulnerable to the hack. At the time it had just nine validator nodes, with employees having access to four of them.

After promptly raising the number of node to 11, Sky Mavis outlined intentions to raise the count to 21 within three months of the postmortem, with the long-term goal of surpassing 100 total nodes.

The team did not provide an update on how many validators nodes the Ronin network now has in the latest announcement however.

Axie Infinity has seen its monthly NFT sales volume tank dramatically in 2022, with data from CryptoSlam showing that the game went from generating $126.4 million in January to just $2.8 million in June.

Plan for $1M bug bounties and double the nodes in wake of $600M Ronin hack

April 28, 2022 Coin Telegraph

Plan for M bug bounties and double the nodes in wake of 0M Ronin hack

Axie Infinity

The Ronin Network and Sky Marvis are significantly upgrading their security measures after they vowed to ensure a hack “never happens again.”

The Ronin Network and Sky Mavis have vowed to upgrade their smart contracts, offer lucrative bug bounties and ramp up security following the $600 million hack late last month.

As Cointelegraph previously reported, the Ethereum sidechain developed for the popular NFT game Axie Infinity was the victim of an exploit for 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) worth more than $612 million at the time.

Earlier this month the Federal Bureau of Investigation (FBI) attributed the attack to North Korea-based and state-sponsored hacking group Lazurus, as it fired off a warning to other crypto and blockchain organizations.

Ronin announced its platform changes via a post-mortem report published yesterday, noting that all user funds are in the process of being restored as it vowed to make sure this “never happens again.”

We have put together a postmortem regarding the Ronin exploit that occurred on March 23rd.

• Why it happened
• What we're doing to make sure this never happens again
• Ronin bridge re-opening updatehttps://t.co/FfwCtCG84E
— Ronin (@Ronin_Network) April 27, 2022

The hack run down

The hack was the result of a spear phishing attack on a former Sky Mavis employee (developers of Axie Infinity). The bad actor was able to leverage the employee’s credentials to access Sky Mavis’s four validator nodes out of a total of nine in the Axie/Ronin ecosystem.

This by itself was not enough to do any damage, but “the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”

“This traces back to November 2021 when Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load. The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the allow list access was not revoked,” the report reads.

Following the hack, big changes are being implemented at both Sky Mavis and the Ronin Network.

Ronin

The Ronin Network hopes to have its bridge open again by mid to late May, with Binance providing support until then with withdrawal and deposit infrastructure for Axie users.

The team is about 80% through upgrading Ronin bridge smart contracts, they’ll be reworking the backend, migrating all pending withdrawals and launching a validator dashboard that “allows for approving large transactions and adding/removing new validators.”

“The Ronin Network bridge is currently being redesigned and will open once we are confident that it can stand the test of time. We initially expected to be able to deploy the upgrade by the end of April, but this is not a process that we can afford to rush.”

Sky Mavis

Sky Mavis will ramp up its security measures by seeking the help of “top tier security experts,” conducting contract audits and implementing stricter internal procedures such as training courses to “combat external threats.”

Notably, it will also be significantly upping its node count to help decentralize the project. Having already increased from nine to 11, Sky Mavis intends to get that number up to 21 within three months. Longer-term, the project is eyeing more than 100 nodes.

Sky Mavis will also be launching bug bounties of up to $1 million for any white hat hackers who are able to find further vulnerabilities.

“We recognize the importance and value of security researchers’ efforts in helping keep our community safe. Sky Mavis is offering bounties of up to $1 million to encourage responsible disclosure of security vulnerabilities.”

Axie Infinity hack