FBC Final


Wormhole Bridge Attack

Presented By: Group 7


Manasvi Agrawal 302/2021
Ankit Prakash 307/2021
Rithik Tiwari 323/2021
Himanshu Bansal 328/2021
Tushar Garg 341/2021
Blockchain Bridges
• Blockchain bridges work just like the bridges we know in the physical world:
a blockchain bridge connects two blockchain ecosystems.

Need for bridges
• All blockchains have their limitations. They develop in isolated
environments and have different rules and consensus mechanisms. This
means they cannot natively communicate, and tokens cannot move freely
between blockchains.
• Bridges exist to connect blockchains, allowing the transfer of information
and tokens between them.
Bridges enable:
• the cross-chain transfer of assets and information
• dapps to access the strengths of various blockchains – thus enhancing
their capabilities (as protocols now have more design space for
innovation).
• users to access new platforms and leverage the benefits of different
chains.
• developers from different blockchain ecosystems to collaborate and
build new platforms for the users.
Types of Bridge

Trusted Bridges
• Trusted bridges depend upon a central entity or system for their operations.
• Users need to give up control of their crypto assets.
• They have trust assumptions with respect to the custody of funds and the
security of the bridge. Users mostly rely on the bridge operator's reputation.

Trustless Bridges
• Trustless bridges operate using smart contracts and algorithms.
• Through smart contracts, trustless bridges enable users to remain in control
of their funds.
• They are trustless, i.e., the security of the bridge is the same as that of the
underlying blockchain.
Risk Using Bridges
• Interacting with any type of bridge carries risk: Smart Contract Risk;
Technology Risk
• Moreover, since trusted bridges add trust assumptions, they carry additional
risks such as: Censorship Risk; Custodial Risk

User's funds are at risk if:
• there is a bug in the smart contract
• the user makes an error
• the underlying blockchain is hacked
• the bridge operators have malicious intent in a trusted bridge
• the bridge gets hacked
HOW WORMHOLE WORKS
• Wormhole is a ‘bridge’ that efficiently facilitates the movement of digital
assets from one blockchain to another blockchain network.
• The portal helps users operating on top-tier decentralized channels like
Ethereum, Binance, Solana, Polygon, Oasis, etc., to communicate with each
other via a transparent interface.

THE PROCESS:
• Send the message to the Wormhole ecosystem
• The Guardian nodes scrutinize the transaction
• Within seconds, the nodes manage to reach the Quorum
• The Guardian nodes make the attested message publicly accessible
• Access the message on the destination chain
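
The process above seen from the destination chain's side, as an added example that is not part of the original slides: a message is acted on only when a quorum of distinct, known Guardians attested its exact bytes. The guardian names, the two-thirds-plus-one quorum rule, the JSON message layout and the use of HMAC-SHA256 in place of real Guardian signatures are assumptions made for this example.

```python
import hashlib
import hmac
import json

# Constructed guardian set. HMAC-SHA256 with a per-guardian key stands in for
# the guardians' real public-key signatures so this runs on the stdlib alone.
GUARDIANS = {f"guardian-{i}": hashlib.sha256(f"demo-key-{i}".encode()).digest()
             for i in range(7)}
QUORUM = len(GUARDIANS) * 2 // 3 + 1  # assumed rule: more than two thirds (5 of 7)


def digest_of(message: bytes) -> bytes:
    return hashlib.sha256(message).digest()


def attest(guardian: str, message: bytes) -> bytes:
    """Guardian side: sign the digest of a message observed on the source chain."""
    return hmac.new(GUARDIANS[guardian], digest_of(message), hashlib.sha256).digest()


class DestinationBridge:
    """Destination side: mint only for messages attested by a quorum."""

    def __init__(self):
        self.processed = set()  # digests already redeemed (replay protection)
        self.minted = 0

    def valid_signers(self, message: bytes, signatures) -> set:
        good = set()
        for guardian, sig in signatures:
            if guardian not in GUARDIANS:
                continue  # signer is not a member of the guardian set
            # With the HMAC stand-in, verifying means recomputing the tag.
            if hmac.compare_digest(attest(guardian, message), sig):
                good.add(guardian)  # a set, so a repeated signer counts once
        return good

    def redeem(self, message: bytes, signatures) -> str:
        if digest_of(message) in self.processed:
            return "rejected: replay"
        if len(self.valid_signers(message, signatures)) < QUORUM:
            return "rejected: no quorum"
        self.processed.add(digest_of(message))
        # The amount is read from the attested bytes, never from the caller.
        self.minted += json.loads(message)["amount"]
        return "minted"
```
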
About the scam - Wormhole Bridge
• On Wednesday, Feb 2nd, the decentralized finance (DeFi) platform Wormhole became the victim of the
3rd largest cryptocurrency theft in 2022.
• It was among the top five largest crypto hacks of all time when an attacker exploited a security flaw to
make off with close to $325 million.
• Wormhole provides a service known as a bridge between blockchains, an escrow system that allows one
type of cryptocurrency to be deposited in order to create assets in another cryptocurrency.
• It acts as a connecting service that allows users to send and receive crypto between Ethereum, Solana,
Binance Smart Chain (BSC), Polygon, Avalanche, Oasis and Terra without the use of a centralized
exchange.
• This allows a person or entity with holdings in one cryptocurrency to make trades and purchases using
another, like being able to fund a bank account in dollars and then use a bank card to buy something
priced in euros.
• The attacker managed to forge a valid signature for a transaction that allowed them to freely mint
120,000, a wrapped Ethereum equivalent on the Solana blockchain, with value up to $325 million
at the time of the theft.
• The hacker has since used some funds to buy SportX (SX), Meta Capital (MCAP), Finally Usable
Crypto Karma and Bored Ape Yacht Club Token (APE).
• Wrapped Ethereum was then exchanged for around $250 million that was sent from Wormhole to
the hacker's account, liquidating a large amount of the Ethereum funds that were held as collateral
for transactions on the Solana blockchain.
• Due to the nature of cross-chain applications, the attack temporarily left a huge deficit between the
amount of wrapped Ethereum and regular Ethereum held in the Wormhole bridge, as if the
collateral asset backing a loan had suddenly disappeared.
• According to Forbes, the attack caused a 10 percent drop in the value of the Solana
cryptocurrency in the aftermath of the hack.
• The Wormhole team has announced that more Ethereum will be added to the bridge
to replace the stolen collateral funds, effectively meaning that the company will
need to find $325 million in assets to plug the gap.
• At this stage, it is unclear where the funds will come from. The Wormhole team
also contacted the hacker through their Ethereum address, offering to let the hacker
keep $10 million worth of funds stolen if the remaining funds are returned.
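
A monitoring check for the deficit between wrapped and regular Ethereum described above, added here as an example and not taken from the original slides: it replays bridge events in order and alerts when a mint has no matching deposit or when the wrapped supply exceeds the collateral held. The event model, transfer ids and every figure except the 120,000 mint are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    kind: str         # "lock"/"release" on the collateral side, "mint"/"burn" on the wrapped side
    transfer_id: str  # hypothetical id linking a lock to its mint
    amount: int       # whole units of Ether, for readability


def reconcile(events):
    """Replay events in order; return (alerts, collateral_locked, wrapped_supply)."""
    locked = wrapped = 0
    unminted = {}  # transfer_id -> amount locked but not yet minted
    alerts = []
    for ev in events:
        if ev.kind == "lock":
            locked += ev.amount
            unminted[ev.transfer_id] = ev.amount
        elif ev.kind == "mint":
            wrapped += ev.amount
            # Every mint must consume exactly one earlier lock of the same size.
            if unminted.pop(ev.transfer_id, None) != ev.amount:
                alerts.append(f"mint {ev.transfer_id}: no matching lock for {ev.amount}")
        elif ev.kind == "burn":
            wrapped -= ev.amount
        elif ev.kind == "release":
            locked -= ev.amount
        # Backing invariant: wrapped supply may never exceed locked collateral.
        if wrapped > locked:
            alerts.append(f"after {ev.transfer_id}: wrapped supply {wrapped} "
                          f"exceeds collateral {locked}")
    return alerts, locked, wrapped


# Constructed event stream: two normal transfers, one withdrawal, then a mint
# of 120,000 with no deposit behind it (the amount quoted on the slide).
SAMPLE_EVENTS = [
    Event("lock", "t1", 500), Event("mint", "t1", 500),
    Event("lock", "t2", 300), Event("mint", "t2", 300),
    Event("burn", "w1", 200), Event("release", "w1", 200),
    Event("mint", "x9", 120_000),
]

if __name__ == "__main__":
    for alert in reconcile(SAMPLE_EVENTS)[0]:
        print(alert)
```
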
WORMHOLE HACKER MOVES $155M OF STOLEN FUNDS – 23 JAN 2023

CURRENT STATUS OF SCAM
• The hacker shifted a large chunk of stolen funds,
with transaction data showing that $155 million
worth of Ether was transferred to a decentralized
exchange (DEX) on Jan 23.
• According to the transaction history of the
hacker’s alleged wallet address, the latest activity
shows that 95,630 ETH was sent to the
OpenOcean DEX and then subsequently
converted into ETH-pegged assets such as Lido
Finance’s staked ETH (stETH) and wrapped staked
ETH (wstETH).
• Transaction history also highlighted that the
hacker went on to conduct a slew of odd-looking
transactions.
• For example, the hacker used their stETH holdings as collateral
to borrow 13 million worth of the DAI stablecoin, before swapping it
out for more stETH, wrapping it into stETH again and then
borrowing some more DAI.
• The hacker’s hefty ETH transaction appears to have had a
direct impact on the price of stETH.
• The asset’s price went from slightly under peg of 0.9962 ETH
on Jan. 23, to as high as 1.0002 ETH the following day, before
dropping back to 0.9981 on Jan. 24.
WORMHOLE HACKER MOVES ANOTHER $46M OF STOLEN FUNDS – 12 FEB 2023

• The hacker has transferred an additional $46 million of stolen funds
from their wallet, according to on-chain data.
• This was made up of around 24,400 Lido Finance-wrapped Ethereum
staking token (wstETH), worth approximately $41.4 million, and 3,000
Rocket Pool Ethereum staking token (rETH), worth about $5 million, which
was moved to MakerDAO.
• The hacker appears to be seeking yield or arbitrage opportunities on their
stolen loot as the assets were exchanged for 16.6 million DAI.
• The MakerDAO stablecoin was then used to buy 9,750 ETH priced at
around $1,537 and 1,000 stETH. These were then wrapped back into 9,700
wstETH.
HOW CRYPTO HACKS CAN BE REDUCED
• Before investing in any crypto project, it is important to conduct thorough research to ensure that
the project is legitimate. Investors should look for independent reviews and analysis and
investigate the background of the team behind the project.
• Investors should be cautious of any project that promises high returns in a short period of time. If
an investment opportunity sounds too good to be true, it probably is.
• They should only invest in crypto projects that are listed on reputable exchanges. They should
avoid investing in projects that are not listed on any exchanges or are only listed on obscure or
unregulated exchanges.
• Information about a crypto project should be taken from trusted sources, such as reputable news
outlets or independent analysts.
• Sometimes searching for crypto keywords shows promoted ad websites that are actually
phishing operations. Users need to be diligent about what they click on in relation to the search term.
Thank-You…
