Cryptocurrency exchange Binance went into emergency mode this Thursday following hacking. The exchange quickly spearheaded the event, issuing a blog post today detailing steps it was taking to mitigate it.All in all, the hacker took his 1 in $BNB, the exchange’s native cryptocurrency. Got $100 million. However, the first report, backed up by blockchain analysis, puts the figure well above $570 million (you may still see some of his websites listing that figure). ).But quick response from Binance Suspended all trading across exchanges believed to be decentralized exchangesCurrently, $7 million of the stolen funds are Frozen and pending recovery.
To confirm, we suspended BSC after identifying a potential exploit. All systems are now contained and we are investigating potential vulnerabilities immediately. We know the community will support and help freeze transfers. All funds are safe.October 6, 2022
This exploit targeted a cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BSC). A bridge is a software application that allows two different blockchains to interact, locking certain assets from one chain and “creating” (creating) equivalent assets on the destination chain. Bridges are the target of some of the most sophisticated hacks in the cryptocurrency space due to the complexity of bridging disparate protocols with a single point of failure. The FBI has created a PSA on this issue.
According to the blog post, the attack occurred through a sophisticated forgery of low-level proofs into a common library, allowing hackers to mint 2 million units of $BNB without deploying a cryptocurrency backing the exchange. After securing 2M units, the hackers diverted slices of the funds into other decentralized bridging protocols with the aim of “laundering” 2M units into another cryptocurrency. The attacker managed to convert $57 million worth into his Fantom blockchain protocol and its native token, as well as $53 million into Ethereum and $400,000 into Polygon.
A Binance blog post asked Binance stakeholders (essentially anyone holding $BNB) to participate in a series of votes to allow for community-based decisions on next steps. I was. These governance votes, which take place on-chain, decide whether or not to keep hacked funds frozen (how this affects users is unknown). Additionally, Binance will be voting on creating a bug bounty system. This is a system most blockchains already have, leading to numerous “white hat” exploits where funds are siphoned off and sometimes returned in exchange for million-dollar bounties.
One of the promises of blockchain technology, especially cryptocurrencies, is decentralization. This is achieved by having as many users as possible hold copies of the blockchain in place. This ensures that there is always a way to find the true version of transaction history. However, in most blockchains, validators are not the average cryptocurrency user, but trusted nodes. These nodes are empowered to participate in the recording of transactions and protect the blockchain from his 51% attack (whoever controls half of the validators creates their own artificial transactions). can be created and eventually forced onto the blockchain).
But decentralization means that no single player can change or even stop writing to the public ledger that makes up any blockchain. Binance his chain, on the other hand, is its centralized counterpart in that it has contacted all 26 validators (44 in total in various time his zones), alerted them to thefts, and prevented them from creating new transaction blocks. I was forced to show my skill. This stopped the bleeding and likely prevented the stolen funds from actually leaving the chain. Still, it definitely stressed users who were unable to do anything with their funds until the chain was reopened.
It also raises the question of future outages on the BNB chain and what it means for user funds in the event of a more severe failure.
Centralization has its risks, but one can also argue about the impact of Binance’s choice not to stop its chain. With an additional 2 million units of his BNB coin appearing out of nowhere, the price of each $BNB itself will inevitably drop given the increased number of assets. If this drop is severe enough and the chain is functioning properly, users could panic selling their BNB tokens before the price drops further. This in turn could create a fire sell, with prices plummeting even if buyers were unable to absorb the large amount of BNB that was returned to the market after the liquidity sought. Once this cycle begins, it is very difficult to stop. Several stock trading firms and blockchains have seen these events unfold. mainly with devastating effects.
Following the news of the exploit, perhaps supported in part by the inability to actually sell the asset, the value of the BNB token fell by only 3.35%. We’ll have to wait and see what the Binance community decides on this, but for now, at least, it looks like the crisis has been averted.
