Wormhole token bridge that connects the Ethereum and Solana blockchains, which appears to be a trivial piece of technology for its function, lost almost $321 million Wednesday afternoon.
This is the most serious attack against Solana to date. A rival to Ethereum that is steadily gaining traction in the non-fungible token (NFT) and DeFi ecosystems. The $600 million Poly Network crypto robbery was larger, but it employed cryptocurrency rather than blockchain technology, which could explain why opponents describe this everyday occurrence as “quite momentous.”
The theft took place on Solana’s side. The finding of a vulnerability on the Solana side has generated fears that it may be vulnerable to Wormhole’s bridge as well.
The Wormhole team announced that they would replenish the Ethereum (ETH) supply to ensure that wETH is backed 1:1, although it is unclear where that money would come from or when they will be available.
The attacker was able to get into a smart contract and steal $321 million in wETH. The robbery occurred at 6:24 p.m. UTC on February 2nd, when an attacker minted 120,000 wETH and subsequently redeemed 93,750 wETH for ETH, worth $256 million. They were able to purchase SportX (SX), Meta Capital (MCAP), Finally Usable Crypto Karma (FUCK), and Bored Ape Yacht Club Token with these monies (APE).
The hacker currently has 432,662 SOL ($44 million) in Solana wallet after exchanging the remaining WETH for USDS and SOL on Solana.
In today’s press release, CertiK, a smart contract auditing firm, highlighted potential vulnerabilities within Wormhole’s bridges to other blockchains. However, the research does state that it “is possible” that updates or upgrades could solve these common concerns.
Is Wormhole as fortunate as Poly Network?
The Wormhole team is determined to reclaim its funds. They’ve issued a $10 million bug bounty, which will be paid out if anyone can find a way to return it.
“This is the Wormhole Deployer: We noticed you were able to exploit the Solana VAA verification and mint tokens. We’d like to offer you a whitehat agreement and present you a bug bounty of $10 million for exploit details and returning the wETH you’ve minted. You can reach out to us at firstname.lastname@example.org.”
The Wormhole team is working hard to solve a recently reported exploit. Unfortunately, wETH tokens transmitted across the bridge are not yet redeemable while working on it.
In less than a week, there have been two smart contract exploits. The first was on Qubit Finance’s token bridge last Friday, and this is the second. It reminds us a lot of the Poly Network attack, in which they took over $610 million from investors. Thanks to whitehat hacker assistance, Poly Network was fortunate enough to have its funds returned.
Token Bridge Heist Reviews by Tech Giants
Recent occurrences have confirmed Vitalik Buterin’s warning that “basic security constraints” on token bridges have come true. The frequency with which smart contract breaches occur underlines his claim about layer-1 blockchains being insecure. Furthermore, hackers plunder other sites for gunpowder and attack routes into new territory with little defense against such approaches.
We reached out to Ali Qamar, Cyber Security Expert and PrivacySavvy founder, for his thoughts on the hacker who used a security weakness to create wETH without depositing any ETH. The primary thinker of the privacy education hub remarked:
The heist is a reminder that the DeFi services’ security is yet to reach a level appropriate for the enormous amounts of funds being stored within them. Blockchain transparency seems to allow attackers to spot and exploit significant bugs.
What Exactly Is a Token Bridge?
Ether is the most popular blockchain network today, and many individuals are interested in using it to substitute banks or lawyers when working with smart contracts. However, alternative solutions, like Solana, may be less expensive and speedier depending on your demands.
The development of cross-chain bridges has made it easier than ever for cryptocurrency holders to function beyond their ecosystem, with no restrictions on where they can send or receive cryptocurrencies.
The Wormhole protocol is a ground-breaking new protocol that allows users to transfer tokens and NFTs between Solana, Ethereum’s most popular smart contract platform.
The market has plummeted
Investors’ enthusiasm for the possibility for Solana’s network to become more extensively used propelled it into the top ten cryptocurrency list last year. Since February 2021, the price of one token has climbed by 1,600%. Last year, the aggregate value reached an all-time high of $78 billion.
However, the value of Solana has plummeted rapidly after the recent crypto robbery, and it now trades at less than $100 per token. Furthermore, the drop is linked to a larger crypto market crisis. The crash affected bitcoin and other important cryptocurrencies such as Ethereum and Litecoin. As a result, their values have declined dramatically over time.