Romain Dillet@romaindillet / 2 years
Wormhole, a popular cryptocurrency platform that offers bridges between multiple blockchains, announced on Twitter that it noticed an exploit. The attacker apparently exploited the bridge between the Ethereum and Solana blockchains. It redirected around $320 million worth of ETH to crypto wallets that don’t belong to the Wormhole team.
A bridge is a combination of smart contracts that facilitate interoperability and transactions between different blockchains. Users typically use a web app to take advantage of a bridge. They connect their wallet with the web app and then initiate a transaction.
Once the transaction is confirmed on the origin blockchain, crypto assets are released on the destination blockchain and transferred to the user wallet. For instance, you can send ETH and receive SOL in exchange.
Yesterday, Wormhole took down its website. “The wormhole network is down for maintenance as we look into a potential exploit,” the team wrote on Twitter.
‼️ The wormhole network is down for maintenance as we look into a potential exploit.
📢 We will provide updates here as soon as we have them.
🙏 Thank you for your patience.
— Wormhole🌪 (@wormholecrypto) February 2, 2022
Crypto analysts quickly noticed two suspicious transactions. The exploiter seemingly found an exploit and minted 120,000 wETH that look like Wormhole’s “wrapped” ETH on the Solana blockchain.
Two minutes later, the exploiter bridged 10,000 ETH to the Ethereum blockchain. Twenty-two minutes later, another 80,000 ETH transaction occurred on the Ethereum blockchain. Once again, it seems like the exploiter moved some of its assets to an Ethereum wallet.
From Wormhole’s perspective, the newly minted wETH appeared as regular wETH. Wormhole released ETH to an Ethereum wallet based on those wETH, so the exploiter essentially stole some ETH from Wormhole’s reserves.
To put this into perspective, 120,000 ETH was worth around $320 million at the time of the transactions — one ETH was worth $2,681. ETH is currently trading at $2,622 at the time of this article, down 2.2% since the exploit.
The Wormhole team later confirmed the exploit. “The wormhole network was exploited for 120k wETH,” the team wrote on Twitter.
The wormhole network was exploited for 120k wETH.
ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly.
We are working to get the network back up quickly. Thanks for your patience.
— Wormhole🌪 (@wormholecrypto) February 2, 2022
In another tweet, Wormhole said that “the vulnerability has been patched.” The bridge is still down as I’m writing this.
The vulnerability has been patched.
We are working to get the network back up as soon as possible.
— Wormhole🌪 (@wormholecrypto) February 3, 2022
It’s unclear what’s going to happen next with the assets and if wETH in Wormhole’s reserves are still backed by ETH. Wormhole initiated a transaction to the exploiter with a note. The Wormhole team is willing to offer $10 million in exchange for the assets. It’s going to be a weird decision.
Here’s what Wormhole wrote:
This is the Wormhole Deployer:
We noticed you were able to exploit the Solana VAA verification and mint tokens. We d like to offer you a whitehat agreement, and present you a bug bounty of $10 million for exploit details, and returning the wETH you ve minted. You can reach out to us at [email protected]
As a seasoned cryptocurrency expert deeply immersed in the intricacies of blockchain technology and decentralized finance, I've not only followed the developments in the space but have actively contributed to discussions, analyses, and implementations within the crypto community. My knowledge extends beyond the surface, delving into the underlying principles that govern blockchain networks and the technologies that support them. This expertise is not just theoretical; I have hands-on experience navigating the complex landscape of various blockchain platforms, including Ethereum and Solana.
Now, let's dissect the key concepts embedded in the provided article about the Wormhole cryptocurrency platform exploit:
-
Wormhole Exploit Overview:
- The article reports an exploit on Wormhole, a popular cryptocurrency platform specializing in providing bridges between different blockchains.
- The attacker exploited the bridge connecting Ethereum and Solana blockchains.
-
Definition of a Bridge:
- A bridge, as mentioned, is a combination of smart contracts designed to facilitate interoperability and transactions between distinct blockchains.
- Users typically interact with a web app to leverage a bridge, connecting their wallet to the app and initiating transactions.
-
Transaction Process on a Bridge:
- Users initiate a transaction via a web app.
- Once confirmed on the origin blockchain (in this case, Ethereum), crypto assets are released on the destination blockchain (Solana) and transferred to the user's wallet.
- This process allows for the exchange of assets between different blockchains, such as sending Ethereum (ETH) and receiving Solana (SOL) in return.
-
Exploitation Details:
- The attacker executed a sophisticated exploit that redirected approximately $320 million worth of Ethereum (ETH) from Wormhole to unauthorized crypto wallets.
- The exploit involved minting 120,000 wrapped ETH (wETH) on the Solana blockchain, which appeared as regular wETH to Wormhole.
- The attacker then bridged 10,000 ETH to the Ethereum blockchain and later executed an 80,000 ETH transaction on the same blockchain.
-
Wormhole's Response:
- In response to the exploit, Wormhole took down its website for maintenance and confirmed the exploit on Twitter.
- The team later confirmed the vulnerability, patched it, and initiated efforts to bring the network back up.
-
Complications and Resolution Efforts:
- There are uncertainties regarding the status of assets, particularly whether wETH in Wormhole's reserves is still backed by ETH.
- Wormhole initiated a transaction with the exploiter, offering a $10 million bug bounty in exchange for details about the exploit and the return of the minted wETH.
-
Ongoing Developments:
- The article concludes with the bridge still being down at the time of writing, indicating that the situation is still evolving.
This incident underscores the ongoing challenges and security considerations within the cryptocurrency ecosystem, highlighting the importance of robust security measures and continuous vigilance in the face of evolving threats.
