October 1, 2022


Arbitrum, a popular Layer 2 solution for Ethereum, was contacted on September 19th by a white hat hacker. According to the source, the hacker discovered a potential vulnerability in Arbitrum’s code. As a result, the network paid out 400 ETH, worth about $560,000.

Over the years, many hacks and exploits of various kinds have hit the crypto industry. Some hacking incidents stem from vulnerabilities that hackers discover in crypto networks.

Some white hat hackers will settle for a reward from the protocol. But other hackers will take whatever funds they can reach through a network breach.

A hacker known as Riptide on Twitter discovered flaws in smart contracts written in Solidity. Riptide made the discovery after scanning the Arbitrum Nitro code a few weeks before its release. The hacker wanted to check the contracts to make sure their update was successful.

A hacker discovered a vulnerability in the Arbitrum L1-L2 Bridge

After the full update, Riptide noticed some bugs in the bridge that were preventing it from working flawlessly. The hacker then ran some detailed checks and discovered a delay in the bridge’s inbox sequencer.

According to Riptide, a user can sign and publish an L1 transaction to the Delayed Inbox of the Arbitrum chain to send a message to the Sequencer. Such a process is generally applied when using a bridge to deposit ETH or other tokens.

On rescanning the contract, the hacker recognized a critical vulnerability in it. Riptide noticed that the inbox sequencer had a bug that could have let him or any bad actor make off with millions of dollars.

Before being noticed, they could divert incoming ETH deposits from the L1 to L2 bridge to their own wallets.

After the discovery, Riptide reported the vulnerability to Arbitrum and claimed a reward of only 400 ETH. However, the amount caught Arbitrum by surprise, as they had already offered a maximum of $2 million to the hacker.

Crypto space and white hat hacking

The crypto space has seen several white hat hacks. Such hacks, across platforms, involve uncovering potential vulnerabilities in a network’s smart contracts or code.

Jay ‘Saurik’ Freeman, an employee of the DeFi VPN protocol Orchid, reported a vulnerability in Optimism, an Ethereum L2 scalability solution. As a result, the protocol awarded Freeman $2 million.

Coinbase also parted with $250,000, paid to a hacker known as ‘Tree of Alpha’, in mid-February. The hacker discovered a flaw in the ‘Advanced Trading’ function of the crypto exchange and averted a loss of about a billion dollars. Coinbase reported that the payout was the largest reward in its history.

Recall that in March 2022, Arbitrum suffered a hacking exploit and lost over 100 NFTs to TreasureDAO. The tokens were worth about $1.4 million at the time of the incident.
