Key Takeaways
- Ronin Network, the sidechain used in the popular play-to-earn game Axie Infinity, suffered a major exploit on Mar. 23.
- A hacker compromised five validator nodes and stole 173,600 Ethereum and 25.5 million USDC from the Ronin bridge at a value of around $551.8 million. The Ronin team discovered the exploit six days later.
- The Ronin team has paused the bridge and is taking various steps to track the hacker, a blog post confirmed.
Share this article
The Ronin bridge and Katana exchange have been halted following the incident.
Axie Infinity Network Suffers Vulnerability
Ronin Network, the blockchain underpinning the popular play-to-earn game Axie Infinity, has been hit by a major security breach.
The Ronin team confirmed the incident late Tuesday. A blog post revealed that its Ronin validator nodes and Axie DAO validator nodes were compromised on Mar. 23, resulting in losses of 173,600 Ethereum and 25.5 million USDC. Based on Ethereum market prices on Mar. 23, the losses amount to around $551.8 million (Ethereum has soared from $3,032 to $3,400 in the days since the hack, which has led to confusion over the value of the theft. At today’s prices, the stash is worth over $615 million).
The blog post revealed that the hacker used hacked private keys so that they could forge withdrawals. Bizarrely, the compromise was only discovered today, six days after the attack, when someone reported that they had struggled to withdraw 5,000 Ethereum from the bridge.
The Ronin chain uses just nine validator nodes (for context, Ethereum has around 300,000 validators, while Solana has closer to 1,000). To confirm a deposit or withdrawal, it requires five validator signatures. The hacker successfully drained the funds because they took control of four Ronin validators and another validator run by Axie DAO. The blog post said that although the validator key scheme it uses “is set up to be decentralized,” the attacker found a back door through a gas-free node that was set up amid soaring user demand.
The Ronin team said that it had increased the minimum number of validator signatures required for a deposit or withdrawal to eight in response to the incident. It’s also migrating its nodes and temporarily paused the Ronin Bridge and Katana exchange.
According to the blog post, this wallet containing 175,913 Ethereum holds the majority of the stolen funds. Ahead of the exploit, the same wallet interacted with Binance, and other wallets connected to the hacker have since made deposits to FTX and Crypto.com. That suggests that there may be a way of tracing the assailant. The Ronin team said that it was “working directly with various government agencies” and Chainalysis to track the hacker and the funds.
Ronin Network is an Ethereum sidechain launched by Sky Mavis, the blockchain game developer behind the NFT-based play-to-earn hit Axie Infinity. Sky Mavis experienced huge growth last year as NFTs boomed and interest in Axie Infinity soared, hitting a valuation of almost $3 billion in October. Axie Infinity players use Ronin to trade in-game tokens. In the blog post, the Ronin team admitted that while the network “was not immune to exploitation,” it was working to ensure that no users’ funds are lost. “All of the AXS, RON, and SLP on Ronin are safe right now,” the post added.
AXS, RON, and SLP all tanked on the news. Unsurprisingly, RON was hit hardest. It’s down 9.4% at press time.
This story is developing and will be updated as more details emerge.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.