Main Highlights:
- Sky Mavis claimed that its Axie Infinity game’s Ronin Network was hacked, with hackers stealing 173,600 Ethereum (worth $594.6 million) and $25.5 million in US dollars, totaling $620 million.
- Transactions made possible through the Ronin bridge and the Katana Dex have been halted.
- This means that players who have funds saved on the network will be unable to access them for the time being.
- The stolen funds represent a negligible portion of Sky Mavis’s and its decentralized autonomous organization Axie’s overall assets (DAO).
Sky Mavis stated that the Ronin Network, which powers their Axie Infinity game, was hacked, with hackers taking 173,600 Ethereum (worth $594.6 million) and $25.5 million in US cash, totaling $620 million.
If Sky Mavis, the developer of the Axie Infinity blockchain game, is unable to recover the funds, it will take a significant hit to its overall treasury and will cast a negative light on blockchain-based security, as the entire point of putting the game on the blockchain — in this case, a Layer 2 network dubbed the Ronin Network — is to enable improved security.
Transactions enabled via the Ronin bridge and Katana Dex has been suspended. For the time being, this implies that gamers who have monies saved on the network cannot access them. The stolen monies constitute a small fraction of Sky Mavis and its decentralized autonomous organization Axie’s total holdings (DAO).
They are collaborating with law enforcement, forensic cryptography experts, and their investors to ensure that all monies are recovered or refunded. All AXS, RON, and SLP on Ronin are currently safe, Sky Mavis stated in a statement. According to statistics from Comparitech, the breach will almost certainly be regarded as one of the largest in Bitcoin history.
According to the firm, there was a security compromise on the Ronin Network. The firm learned earlier today that on March 23, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were hacked, causing the drain of 173,600 ETH (now worth $594.6 million) and $25.5 million from the Ronin bridge in two transactions. The business stated that the stolen bitcoin has not yet been moved from the account used to perpetrate the assault.
External organizations called validator nodes validate the information on the blockchain and compare notes to guarantee the network’s information is accurate. Blockchain technology is (believed to be) a decentralized, secure, and transparent digital ledger and Ethereum is one of the largest networks built on it. Ethereum is both the name of a blockchain protocol and the cryptocurrency based on the platform.
Sky Mavis uses the blockchain to validate the uniqueness of nonfungible tokens (NFTs), which may be used to uniquely authenticate digital products such as the Axie animals in the Axie Infinity game. NFTs skyrocketed in popularity last year, enabling Sky Mavis to raise $152 million in October at a $3 billion valuation. However, blockchain games have been a flashpoint in the industry recently due to detractors alleging that they are riddled with Ponzi schemes, rug pulls, and other anti-consumer frauds.
Ethereum has certain disadvantages, including the fact that transactions are sluggish and take a lot of energy due to the fact that it relies on a large number of computers globally to perform the verification process. To address this issue, businesses like as Sky Mavis have developed Layer 2 solutions such as the Ronin Network. That network is capable of executing transactions far more swiftly, cheaply, and with less environmental effect than Ethereum itself.
However, as Sky Mavis just discovered, this off-chain processing is not without danger. Sky Mavis established a network of computer nodes to check transactions on its Ronin Network, but hackers can make bogus transactions and steal cash held on the network if they win 51% control of the network.
Sky Mavis stated that the perpetrator forged false withdrawals using compromised private keys. Sky Mavis says it uncovered the assault this morning after receiving a notification from a user who was unable to withdraw $5,000 in Ethereum from the bridge.
Specifics regarding the attack
At the moment, Sky Mavis’ Ronin chain consists of nine validator nodes. Five of the nine validator signatures are required to acknowledge a deposit or withdrawal event. The attacker gained control of four of Sky Mavis’s Ronin validators as well as a third-party validator operated by Axie DAO.
Although the validator key mechanism is designed to be decentralized, the attacker discovered a backdoor using Sky Mavis’ gas-free RPC node, which he exploited to get the signature for the Axie DAO validator.
This dates all the way back to November 2021, when Sky Mavis asked the Axie DAO for assistance in distributing free transactions owing to a massive user load. The Axie DAO authorized Sky Mavis, a publicly-traded company, to sign different transactions on its behalf. This was terminated in December 2021, but access to the allow list was not withdrawn.
Once the attacker gained access to Sky Mavis systems, they used the gas-free RPC to obtain the signature from the Axie DAO validator,” Sky Mavis stated. They have verified that the signatures on the illicit withdrawals correspond to the five suspected validators, Sky Mavis explained.
Actions taken by Sky Mavis
Sky Mavis stated that it responded immediately to the issue as it was discovered and is currently working to prevent future attacks. The corporation has upped the validator threshold from five to eight to avoid more short-term damage. They are in contact with security staff at key exchanges and will contact everyone in the next few days, according to the business. They are now transferring our nodes to a new infrastructure that is entirely different from our previous architecture.
Additionally, the business has suspended the Ronin Bridge momentarily to guarantee that no additional attack routes remain exposed. Binance has also stopped their bridge to/from Ronin in an attempt to be extra cautious. The bridge will be reopened after the corporation is convinced that no further monies may be drained.
Additionally, Sky Mavis has blocked Katana DEX momentarily owing to its inability to arbitrage and transfer additional cash to Ronin Network. Additionally, it is collaborating with Chainalysis to monitor the stolen cash, as blockchain transactions can be monitored.
Further steps
The corporation stated that it is collaborating closely with several government authorities to guarantee that the offenders are apprehended. They are now in discussions with Axie Infinity / Sky Mavis stakeholders on the best course of action to avoid customer cash being lost, the business claimed.
Sky Mavis initially set the five out of nine criteria for validators because certain nodes fell behind the chain or became trapped in the syncing stage. The criteria will increase to eight out of nine in the future. The corporation intends to gradually increase the validator set on an accelerated schedule.
4,970 ETH ($16,931,672.478) have already been transferred to exchangers. Unspent funds in four addresses may also go in the same direction. Additionally, the total amount unspent in these addresses is 177,192.66 ETH.] Sky Mavis is attempting to ascertain how this occurred.
As they have seen, Ronin is not impervious to exploitation, and this assault reaffirms the critical nature of prioritizing security, being watchful, and minimizing all dangers. They understand that confidence must be earned and are using the most sophisticated security tools and processes available to avoid such breaches, Sky Mavis stated.
The business said that the bridge contract’s ETH and USDC deposits had been emptied. Sky Mavis stated that it is collaborating with law enforcement agencies, forensic cryptographers, and investors to ensure that no user cash is lost. The business stated that all AXS, RON, and SLP on Ronin are currently safe.
Users are unable to withdraw or deposit funds to Ronin Network at the moment. Sky Mavis is dedicated to recouping or reimbursing all money that has been siphoned, the business stated.
