The upgrade deployment script failed to call an important initialization function, leaving the vote threshold at zero and allowing anyone to withdraw ‘without signature.’
The $10 million Ronin bridge exploit on Aug. 6 was caused by a faulty upgrade deployment script, according to a report from blockchain security firm Verichains.
The upgrade reduced the voting threshold for validators to zero, essentially allowing any user to withdraw from the bridge “without signature,” Verichains stated.
The attacker attempted to exploit this flaw to drain the bridge, but they were front-run by an MEV bot which actually carried out the attack, probably without intending to. The bot’s owner later returned most of the funds to the Ronin team.