Last week, Harmony Protocol lost $100 million due to one of its bridges. Now the company is offering the hacker a $1 million bounty on the condition that he return the funds and explain the flaw that allowed him to achieve his ends.
In addition, Harmony (ONE) assures that it will do everything possible to ensure that no criminal charges are brought after the funds are returned.
The company specializing in inter-chain bridges has also share an Ethereum address (0xd6ddd996b2d5b7db22306654fd548ba2a58693ac), as well as an email address ([email protected]harmony.one) where the attacker can contact her.
It remains to be seen whether the hacker will accept this bounty, which represents only 1% of the stolen funds. Note that the latter holds $98 million of the stolen funds in an Ethereum wallet and around $1.79 million in a Binance Smart Chain address.
On June 24, Harmony called on the hacker to enter into negotiations with its leaders, even on an anonymous basis.
A private key problem
Harmony (ONE), a blockchain based on the proof of stake consensus mechanism, lost $100 million due to an attack on its Horizon bridge. This allows users to transfer tokens between the Ethereum network and the Binance Smart Chain. According to cybersecurity firm Peckshield, the attacker used compromised private keys.
The hacker used private information from two of the bridge’s four crypto wallets to transfer $100 million in Ethereum, Binance Coin and three stablecoins to an external wallet. According to the analysis company Elliptic, this amount would have been converted into ETH on a decentralized exchange.
Note also that the @_apedev Twitter account already reported this flaw in April.
The faults of the inter-chain bridges
Most blockchains have native tokens that are incompatible with other networks. For example, ETH can only be used on the Ethereum blockchain, while Bitcoin can only be used on the Bitcoin network. Inter-chain bridges (bridges) allow tokens to be transferred between different blockchains. However, they are complex and often rely on software developed by anonymous entities.
In order to use your currency of choice on the Bitcoin network, you need to go through a bridge. This will convert your token into Wrapped Bitcoin, an alternative store of value that acts as a voucher on the chosen network. The whole process is managed by smart contracts.
The problem is that these Wrapped Bitcoins correspond to actual BTC on the bridge, which makes them vulnerable to attacks, since it is often difficult to know how the funds deposited on the bridges are protected.
Back in 2009, crypto bridges were completely useless, as Bitcoin was the only blockchain available. 13 years later, the expansion of the decentralized finance industry has made these bridges indispensable.
The Ronin bridge attack, which cost parent company Axie Infinity $600 million, is considered the biggest bridge hack so far. This attack, which resulted from a private key issue, brought the amount of total crypto bridge losses to $1 billion.
According Quinceko, Harmony (ONE) fell to a weekly low of $0.0236 on June 24 following the attack. Since then, the asset has rallied slightly to $0.0244 as of this writing.
All information on our website is published in good faith and for general information purposes only. Any action taken by the reader based on information found on our website is entirely at their own risk.
We want to give thanks to the author of this short article for this amazing material
Harmony (ONE) Offers $1M Bounty to Horizon Bridge Hacker – BeinCrypto
You can find our social media pages here and additional related pages here.https://metfabtech.com/related-pages/