Professional Documents
Culture Documents
FBC Final
FBC Final
FBC Final
Need of bridges
• All blockchains have their limitations. all blockchains develop in isolated
environments and have different rules and consensus mechanisms. This
means they cannot natively communicate, and tokens cannot move freely
between blockchains.
• Bridges exist to connect blockchains, allowing the transfer of information
and tokens between them.
Bridges enable:
• the cross-chain transfer of assets and information
• dapps to access the strengths of various blockchains – thus enhancing
their capabilities (as protocols now have more design space for
innovation).
• users to access new platforms and leverage the benefits of different
chains.
• developers from different blockchain ecosystems to collaborate and
build new platforms for the users.
Types of Bridge
Trusted bridges depend upon a central entity or Trust less bridges operate using smart
system for their operations. contracts and algorithms
They have trust assumptions with respect to the They are trust less, i.e., the security of the
custody of funds and the security of the bridge. bridge is the same as that of the
Users mostly rely on the bridge operator's
underlying blockchain.
reputation.
• Interacting with any type of bridge carries
risk: Smart Contract Risk; Technology Risk
Using
User's funds are at risk if:
• there is a bug in the smart contract
• the user makes an error
Bridges
• the underlying blockchain is hacked
• the bridge operators have malicious intent
in a trusted bridge
• the bridge gets hacked
HOW WORMHOLE
WORKS
• Wormhole is a ‘bridge’ that efficiently facilitates the movement of digital
assets from one blockchain to another blockchain network.
• The portal helps users operating on top-tier decentralized channels like
Ethereum, Binance, Solana, Polygon, Oasis, etc., to communicate with each
other via a transparent interface.
THE PROCESS:
• Send the message to the Wormhole ecosystem
• The Guardian nodes scrutinize the transaction
• Within seconds, the nodes manage to reach the Quorum
• The Guardian nodes make the attested message publicly accessible
• Access the message on the destination chain
About the scam-Wormhole Bridge
On Wednesday, Feb 2nd the decentralized finance (DeFi) platform Wormhole became the victim of the
3rd largest cryptocurrency theft in 2022.
It was among the top five largest crypto hacks of all time when an attacker exploited a security flaw to
make off close to $325 million.
Wormhole provides a service known as a bridge between blockchains, an escrow system that allows one
type of cryptocurrency to be deposited in order to create assets in another cryptocurrency.
It acts as connecting services that allows users to send and receive crypto between Ethereum, Solana,
Binance Smart Chain (BSC), Polygon, Avalanche, Oasis and Terra without the use of a centralized
exchange.
This allows a person or entity with holdings in one cryptocurrency to make trades and purchases using
another, like being able to fund a bank account in dollars and then use a bank card to buy something
priced in euros.
The attacker managed to forge a valid signature for a transaction that allowed them to freely mint
120,000, a wrapped Ethereum equivalent on the Solana blockchain, with value upto $325 million
at the time of the theft .
The hacker has since used some funds to buy SportX (SX), Meta Capital (MCAP), Finally Usable
Crypto Karma and Bored Ape Yacht Club Token (APE).
Wrapped Ethereum was then exchanged for around $250 million that was sent from Wormhole to
the hackers account, liquidating large amount of the Ethereum funds that were held as collateral
for transactions on the Solana blockchain.
Due to the nature of cross-chain applications, the attack temporarily left a huge deficit between the
amount of wrapped Ethereum and regular Ethereum held in the Wormhole bridge, as if the
collateral asset backing a loan had suddenly disappeared.
According to Forbes, the attack caused a 10 percent drop in the value of the Solana
cryptocurrency in the aftermath of the hack.
The Wormhole team has announced that more Ethereum will be added to the bridge
to replace the stolen collateral funds, effectively meaning that the company will
need to find $325 million in assets to plug the gap.
At this stage, it is unclear where the funds will come from. The Wormhole team
also contacted the hacker through their Ethereum address, offering to let the hacker
keep $10 million worth of funds stolen if the remaining funds are returned.
WORMHOLE HACKER MOVES $155M OF STOLEN
FUNDS – 23 JAN 2023
OF SCAM
OpenOcean DEX and then subsequently
converted into ETH-pegged assets such as Lido
Finance’s staked ETH (stETH) and wrapped staked
ETH (wstETH).
• Transaction history also highlighted that the
hacker went on to conduct a slew of odd-looking
transactions.
For example, the hacker used
The asset’s price went from
their stETH holdings as collateral
The hacker’s hefty ETH slightly under peg of 0.9962 ETH
to borrow 13 million worth of the
transaction appears to have had a on Jan. 23, to as high as 1.0002
DAI stablecoin, before swapping it
direct impact on the price of ETH the following day, before
out for more stETH, wrapping it
stETH. dropping back to 0.9981 on jan
into stETH again and then
24.
borrowing some more DAI.
WORMHOLE HACKER MOVES ANOTHER $46M OF STOLEN
FUNDS – 12 FEB 2023