Coinspeaker
Ronin Network Reopens Bridge after $10M Exploit in August
Ronin Network, a blockchain protocol designed to support play-to-earn (P2E), has resumed operations on its cross-chain bridge following a $10 million exploit in August.
In an announcement on X (formerly Twitter), the Ethereum Virtual Machine (EVM)-compatible blockchain confirmed the reopening of the bridge, allowing users to resume normal activities.
Transition to Specialized Bridging Solution
The team behind the development of the platform reassured users that there would be no further updates to the bridge’s contract code. However, the network plans to transition its operation and maintenance to a specialized bridging solution.
“We plan to transition the operation and maintenance of Ronin’s bridging functions to a specialized, established bridging solution. This shift will leverage the expertise and focus that comes from dedicating resources to a single, specialized product,” the team stated.
Last month, cybercriminals exploited a vulnerability on the bridge by utilizing a Miner Extractable Value (MEV) bot, enabling them to steal over 3,996 Ethereum (ETH). Fortunately, blockchain security firms detected the transaction and promptly alerted the Ronin protocol about the attack.
Ronin acted quickly, shutting down the bridge to prevent further exploits, which could have put over $850 million in user assets at risk. Shortly after the incident, speculation arose within the crypto community that the attack may have been a white-hat operation, with no intention of actually stealing the funds.
Ronin Bridge Audited by External Parties
On August 6, Ronin confirmed via X that the stolen funds had been returned, validating earlier speculation. However, the attack exposed vulnerabilities within the bridge that could potentially allow cybercriminals to exploit the platform further.
To address these concerns, Ronin announced that the bridge would remain closed until all loopholes were patched and verified as secure by auditors. The aim was to ensure the network would be impenetrable to future attacks.
Today, the Ronin team confirmed that the bridge had undergone rigorous audits by two external firms, ensuring its security before reopening.
2/ The bridge has undergone 2 audits by external parties, which you can find here: https://t.co/eECrjxNtB2
Use the Ronin Bridge here: https://t.co/fIQjO0GqcR
— Ronin (@Ronin_Network) September 4, 2024
A Major Heist in 2022
Ronin has been a frequent target for cybercriminals since its entry into the crypto market. In March 2022, the platform suffered a catastrophic breach, with hackers stealing over $600 million, one of the most significant attacks of the year.
The hackers exploited the same cross-chain bridge, making off with approximately 173,600 ETH (valued at around $590 million at the time) and $25.5 million in the USDC stablecoin.
At the time of the attack, the Ronin was safeguarded by nine validators, with five signatures required to authorize any deposit or withdrawal transactions from the bridge.
According to a post-mortem report, the attacker managed to compromise four of Sky Mavis’s Ronin validators and one third-party validator from Axie DAO. By gaining access to Sky Mavis’s private keys, the hacker executed unauthorized withdrawals.
