Early October 7th, CZ announced via Twitter that the BNB Smart Chain was experiencing an exploit on its cross-chain bridge, BSC Token Hub, that had resulted in the minting and transfer of extra BNB. 

Attacker Forged Proofs that Allowed them to Mint 2M BNB

The BNB Chain team soon published a blog post explaining that the attacker had managed to carry out ‘sophisticated forging of the low-level proof into one common library.’ 

Adrian Hetman, tech lead of the Triaging Team at Immunefi, a Web3 bug bounty program provider, explained in an interview with TechCrunch that the bug in the cross-chain bridge allowed the hacker to trick the logic of its smart contract into thinking their message proofs were valid ‘even though the hacker didn’t have valid claims to the funds.’ 

By doing so, the attacker convinced the cross-chain bridge to send them 1,000,000 BNB twice, the equivalent of $570 million at the time. In simple terms, the attacker had figured out a way of minting new BNB tokens.

Hacker Tried to Move the Funds to Different Chains

An initial investigation by the team at SlowMist revealed that the attacker then attempted to launder the funds through a series of transactions beginning with a 900k BNB deposit to Venus Protocol to borrow 62 million BUSD, 50 million USDT, and 35 million USDC. The attacker also began spreading their loot on the various networks to try to cover their tracks.

 

Attacker’s attempt to launder the stolen funds. Source, SlowMist on Twitter 

BNB Chain Was Successfully Paused, Preventing the Entire $570M from Being Stolen

At the same time, the BNB Chain team was working fast to mitigate the enormity of the hack. The team opted to contact all 26 active community validators in 44 different time zones to stop the incident from spreading. A decision was then made to suspend the BNB Smart chain to contain the exploit and help freeze any additional transfers. 

According to the SlowMist team, the suspension of the chain helped save an estimated $430 million worth of digital assets, with the attackers getting away with an estimated $110 million. CZ also gave a similar figure of $100 million lost due to the exploit. 

User Funds Were Not Affected, and the BNB Chain was Not Rolled Back

The BNB Smart Chain was restarted on the same day of the hack. The team soon released a hot-fix and hard fork of the blockchain that included the blacklisting of addresses to prohibit a continuation of the exploit. 

In an additional update of the event, the BNB Chain team explained that the blockchain was not compromised and no user funds were affected since the attacker had minted new BNB tokens. They also clarified that the blockchain ‘was never rolled back’ and its validators carried out ‘a synchronized pause and resume.’ 

Proposed Actions for the BNB Chain Moving Forward

The team at the BNB Chain has since proposed governance votes to determine the following four actions moving forward. 

  • What to do with the hacked funds? Should they be frozen or not? 
  • Whether to use the BNB auto-burn feature to cover the remaining hacked funds or not
  • The possible introduction of whitehat bug bounty programs with a $1 million reward for significant finds
  • An additional bounty for catching hackers with a 10% reward of recovered funds

Actions of the BNB Chain Validators Have Reignited Centralization vs. Decentralization Discussions

However, the swift actions of the BNB Chain team and the network's validators have reignited discussions as to whether the Binance-linked blockchain is genuinely decentralized. 

In a theoretically decentralized chain, the hack would have progressed in its entirety with the $570 million lost and the bug potentially being exploited until a hotfix was implemented. 

But at the same time, the question of ethics pops up. Would it have been appropriate for the team to watch as the situation escalated, particularly with the crypto-verse being in the spotlight of global regulators? 

CZ also explored these questions in a blog post where he debated the ‘Centralization vs. Decentralization’ topic. In the article, CZ pointed out that decentralization is not binary. He said: 

I believe the first thing to understand is that decentralization is not binary, and not single-dimension. There are multiple aspects to decentralization. Every aspect is a gradient scale, not simply black-and-white.

It is also important to remember that decentralization is a means to the goal, not the goal itself. The goal is freedom, security, and ease of use.

Therefore, with security in mind, the actions of the BNB Chain team and the network’s validators were justified in this instance. 

 


About OMNIA

Omnia Protocol is a decentralized infrastructure protocol for securely accessing the blockchain so that no single point of failure will ever disrupt blockchain applications or wallets integrating with it.

Omnia’s solution is truly decentralized and requires zero technical knowledge. Therefore, all users can set up their nodes in little time and effort. Learn more about the technological marvel behind Omnia by following our Blog or reading our whitepaper.

OMNIA HackathOMNS

A hackathon by OMNIA — 1 hour of learning that you just cannot miss. Omnia provides you secure RPC endpoints with high availability to access the blockchain, and you are very close to accessing it without being tracked or monitored in an easy way that will protect you from malicious threats.

Become an expert, and book your seat on the hackathOMNs page

Post by John N. Kirumba
October 12, 2022