After 6 days from the Ronin Network hack, the crypto community woke up to the news that a user failed to withdraw his funds. Apparently, a hacker managed to find a flaw in the Ronin bridge. This allowed the attacker to withdraw more than 176,000 ETH, valued more than $600 Million. What specifically happened? Is the Axie Infinity Hack a threat to P2E and bridge projects? Let’s explain everything from scratch about the Ronin Hack.
What is Axie Infinity Game?
Axie is a blockchain-based video game that leverages NFTs to reward players. While many blockchain games existed before NFTs came into the limelight, many use the technology to better gameplay. Axie was one of the first to use non-fungible tokens as a part of the game. Even after the NFT hype when down, it remained one of the most played games.
Developed by Sky Mavis, it is a game where you can battle, collect and earn. Also, the game has almost 3 million active players, making it one of the largest games worldwide. Like most blockchain-based games, it runs on Ethereum—one of the most popular blockchains. Additionally, the game has a sidechain called Ronin to help reduce transaction fees. Transaction fees are usually a common problem when using Ethereum. This blockchain charges a lot for most transactions because of the workload. Fortunately, Ronin was in place to minimize fees and enable players to enjoy gaming while supplementing their income. Let’s talk more about Ronin Network.
What is Ronin Wallet?
Axie Infinity, a game based on Ethereum, allows players to collect specific in-game artifacts called Axies. Despite the blockchain game providing an avenue for users to have fun, its services have been limited by the problems of Ethereum. To get rid of the issues bugging the Ethereum blockchain from affecting the gameplay, the game developers unveiled the Ronin blockchain. According to the developers, the Ronin network is a sidechain that was specially made for Axie Infinity.
Ronin wallet is the wallet built on the Ronin blockchain for Axie Infinity players. Just like MetaMask and some other wallets, it is a browser extension wallet. This means that for it to work perfectly, it needs to be added to a browser. Besides using the wallet to play Axie Infinity, traders can also use it to carry out other transactions because of its low transaction fees. Players can also use the wallet to play other blockchain games developed on Ronin Bridge.
What is the Ronin Bridge?
Ronin bridge is the gateway where users that play the Axie Infinity transfer their ETH to Ronin. It was developed and is currently being managed by Sky Mavis, the creators of the Axie Infinity game. After it is transferred to Ronin using the bridge, the ETH becomes Wrapped ETH.
After this conversion, users can now use it to purchase Axies to play the game. Asides from this function, the Ronin bridge also allows users to upgrade their Axies or Smooth Love Potion tokens. Additionally, users can use the bridge to transfer their tokens back to Ethereum and withdraw them.
What happened with Axie Infinity Hack?
Technically, the hack occurred on the Ronin Bridge, exposing Axie Infinity players along with other projects using that Bridge. In order to understand how the attacker managed to steal those 170k ETH, we need to understand how the Ronin Bridge works.
How does Ronin Bridge Work?
The funds on the Ronin Bridge are secured by a set of 9 secret keys. Having access to at least 5 of those keys allows the network to unlock and release the funds. This is done to speed up the validation process, kind of how Bitcoin works. On the other hand, in Bitcoin’s case, we talk about the 51% attack that might bring Bitcoin to the ground.
The hacker managed to find a backdoor in the Ronin Bridge node. He got ahold of 4 validators on Ronin, and a third-party validator run by the Axie DAO. With those 5 validators at hand, the hacker managed to unlock the vault and withdraw 173,600 Ethereum.
Did Ronin Network respond to the Hack?
Interestingly, the company posted a public notice about the event 6 days after the hack. They explained in detail what specifically happened. On the other hand, they uncovered that they already knew about the hack on the same day, as a normal user reported to their support his inability to withdraw 5K ETH from their Bridge.
How is Ronin handling the Hack situation?
From a technical standpoint, the company announced that they are increasing the validator threshold from five to eight. This makes the confirmation process slower and more expensive, but with the current situation, it is necessary. For now, Ronin will temporarily pause the Ronin Bridge to ensure no further attack vectors remain open. Also, they are in the process of migrating their nodes, which will separate from their old infrastructure.
From a business standpoint, the company is in touch with security teams at major exchanges. Binance is one example, and they’ll be disabling their bridge to and from Ronin. The bridge will open up at a later date once the situation solves.
The company is also working with Chainalysis to monitor the stolen funds. On another side, they also plan to contact government agencies to ensure maximum cooperation from all sides.
How did the Crypto Community react?
Obviously, this is a big blow for the entire cryptocurrency community. Having vulnerabilities in any blockchain system might have big repercussions on the entire trust that is given to this technology. What made people more furious is the fact that it took Ronin company a week to publish their “Community alert”, deeming it misleading. What if this specific user did not try to withdraw and did not raise a concern, would the company have talked about that hack?
The company even turned off commenting on their announcement, as many users turned angry at the situation.
What will the future look like for Crypto Projects?
It is already known that blockchain projects are still in their “Proof of concept” phase. Every DeFi project slams users with a big disclaimer as soon as they visit their website, saying how risky this venture is. The risk that crypto enthusiasts take is not only the volatility of cryptos but also the hacks that the systems might endure.
Nothing is perfect from day 1. Everything needs constant fixing and enhancement. This is a big part of why blockchain tech did not strive. When this happens, the cryptocurrency market will definitely reach new heights in terms of market cap, users and business adoption, and ease of use among regular people.
Will a Crypto Crash happen soon because of this Hack?
It is unlikely to see a major crash following this hack. Back in the days, Mt. Gox exchange hack did indeed crash the crypto market, bringing Bitcoin prices from a high of $1,000 to a low of $200. But many other factors came into play other than this simple hack, such as that the market back in 2013 was overbought, an adjustment was needed, and the fact that this exchange handled more than 70% of Bitcoin transactions. Also, the crypto market was still in its infancy stage, and any event would’ve affected prices.
On the other hand today, the crypto market matured much more than before, especially with the increasing institutional adoption. People are aware that a hack on a certain blockchain should not mean that blockchain tech does not work. We expect prices to fall over the short-term, especially after a previous bull week as part of a heavy adjustment. For the medium/long term, prices should recover soon after.