ivo.eth 🧙🏻‍♀️ Profile picture
Jun 24, 2022 9 tweets 4 min read Read on X
A hacker stole $100 million from the bridge connecting Ethereum and @harmonyprotocol a few hours ago.

Let's explore how the #harmony bridge works and what allowed this to happen 1/9 Image
The bridge is relatively simple - users lock tokens on the Ethereum side and a multisig mints tokens on Harmony.

When going the opposite way users burn tokens on Harmony and a multisig requiring 2 signatures unlocks tokens on Ethereum 2/9 Image
Every time an unlock happens on Ethereum the bridge smart contract emits an event that includes the transaction id of the associated burn transaction on the Harmony blockchain.

Let's follow a normal Harmony to Ethereum unlock 3/9 Image
This was one of the last transactions before the bridge was paused: etherscan.io/tx/0x723a1dde9…

If we look at the emitted events we see that it's associated with the following Harmony transaction: explorer.harmony.one/tx/0x7cd65d048…

Everything looks fine. 4/9
Now let's look at one of the transactions used to drain the bridge. $10 million USDT is unlocked on Ethereum: etherscan.io/tx/0x6487952d4…

The unlock is associated with the following transaction on Harmony: 0xD48D952695EDE26C0AC11A6028AB1BE6059E9D104B55208931A84E99EF5479B6 Image
However, no such transaction exists on Harmony. I looked for it in the block explorer, I also tried calling hmyv2_getTransactionReceipt from several Harmony RPC nodes but they all return null.

This is the case for all transactions initiated by the hacker. 6/9
What does that mean?

If the attacker managed to unlock tokens on Ethereum without burning tokens on Harmony that most likely means that this is another Ronin-style hack. 7/9
The hacker probably managed to get access to the 2 private keys that are part of the multisig which can calls unlock() on the Ethereum side.

@_apedev wrote a thread a few months ago asking Harmony how these EOA are secured:
This also explains why the Harmony team added more signers to the multisig after the hack.

Securing bridges is hard.

I hope this will serve as a reminder that even if your smart contracts are secure your off-chain code & opsec must be on point as well. 9/9

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with ivo.eth 🧙🏻‍♀️

ivo.eth 🧙🏻‍♀️ Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @0xIvo

Aug 3, 2022
What does an inflationary DeFi protocol do when it runs out of tokens to pay out rewards?

Well if it's @_ThorFinancial the team abuses a backdoor in their token contract to send burned tokens to a dev wallet

They can use the same backdoor to steal $THOR from any holder

🧵👇1/8 Image
$THOR has a max supply of a little over 20 million, but until recently only 1 million was in circulation, the other 19 million was "burned" sent to 0x000dEaD.

So how is it possible that the burn address sent 316,000 $THOR to a dev wallet 2 days ago? 2/8
snowtrace.io/token/0x8f4741…
The team exploited a backdoor in their own contracts. What's even more worrying is that they can use the same backdoor to drain all liquidity pools and steal $THOR from any hodler.

2 days ago they executed a series of 12 transactions which did the following: Image
Read 9 tweets
May 19, 2022
$650k was lost in another cross-chain bridge hack.
This time the victims are @QANplatform and $QANX token holders.

The hacker exploited a vulnerability in the centrally operated off-chain message signer. Let's explore how that happened 👇 1/10 Image
The bridge smart contract was audited by @CertiK The contract is surprisingly small for a bridge - about 100 lines of code: etherscan.io/address/0xaaa4…

The contract allows a sender to deposit $QANX on chain A and withdraw the corresponding amount of $QANX minus fees on chain B. 2/10
Every deposit returns a deposit id, and every withdrawal requires a signed deposit id from the sender chain. The deposit id consists of deposit amount, sender, destination and nonce.

As long as the off-chain signer operates properly the bridge is safe. 3/10
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(