Swift Recovery for Ronin Network Post $12 Million Bridge Breach

ChainPlay

•

3 months ago

Share :

On Tuesday, the bridge between Ethereum and Ronin, a gaming-focused sidechain, was halted due to another exploit. This led to the loss of around $12 million in assets, but most of the funds have since been returned.

About the Stolen Assets

Ronin co-founder Aleksander Larsen announced the incident on Twitter. Ethical hackers identified the potential "MEV exploit." He assured users that the bridge, securing over $850 million in assets, remains safe.

The Ronin account revealed that about 4,000 ETH and $2 million in USDC stablecoin were stolen, totaling $12 million. Safeguards limited the damage by capping the size of any single Ronin withdrawal.

By late Tuesday morning, the Ronin team confirmed the return of about $10 million worth of ETH. They anticipated the return of the remaining USDC later in the day. The white hat hackers who reported the exploit and returned the funds will receive a $500,000 reward.

Source: X

The Ronin team blamed the exploit on a bridge upgrade earlier that day. This upgrade caused the bridge to misinterpret the required vote threshold for withdrawing funds.

Adrian Hetman from blockchain security firm Immunefi explained that bridge upgrades are common attack vectors. They can introduce vulnerabilities that, if not properly secured, can lead to significant losses. He cited the 2022 Nomad protocol attack as an example.

Ronin developers announced plans to audit the bridge code before bringing it back online. They intend to work with network validators to change the bridge's operational structure.

Ronin is a gaming-focused network initially launched for Axie Infinity. The network has since expanded to include other games, such as the social farming game Pixels.

Source: X

Impact on Ronin's Token

Despite the exploit, Ronin's native token, RON, was only modestly affected. The price declined following the attack but rebounded slightly, remaining up over 2% in the past day. As of press time, RON is priced at $1.43, down 27% over the last week.

In fact, this is not the first time the Ronin bridge has been compromised. In March 2022, a major hack resulted in the loss of $622 million, attributed to North Korea's Lazarus hacking group. The bridge was down for months but was revived with added decentralization measures, and Sky Mavis refunded affected users. A smaller incident in February saw $9.5 million worth of ETH taken from Ronin wallets.

Ronin representatives declined further comment but promised a full postmortem report next week.

Larsen's reference to maximum extractable value (MEV) bots highlights the controversy around these tools. MEV bots monitor blockchains for profit opportunities and exploit them through automated transactions. Critics argue that they exploit users, increase fees, and centralize power to tech-savvy operators. Supporters claim they provide necessary market efficiency. The debate reflects the tension between profit-seeking behavior and blockchain ideals of equal access.

Importance of Security Measures

This incident highlights growing concerns over blockchain bridge security. Immunefi reported that over $1.19 billion has been lost to hacks and fraud this year, a 16.3% increase from last year. Bridges remain a prime target for attacks.

Hetman emphasized the importance of robust security measures for bridges. He noted that bridges handle large amounts of money daily, making them attractive targets for both black hat and white hat hackers. Ensuring the security of these bridges is crucial to protecting users and projects.