Let’s discuss the four biggest smart contract hacks in 2022 and see the smartosc solution!
The wormhole is a bridge protocol built to connect multiple blockchain chains, including Ethereum, Solana, Binance Smart Chain, Polygon, Avalanche, and Oasis, without using a centralized exchange (CEX)…
On February 3, 2022, the Solana-based Wormhole cross-chain protocol was hacked. The platform has a total estimated loss of up to 120,000 WETH tokens (calculated at the time of the incident, the estimated loss amount is more than 321 million USDm.
Wormhole developers tried to solve the problem by contacting the hackers via blockchain messages with the content mainly offering a $10 million bounty and recovering the stolen funds.
The leading cause of the attack was the Wormhole vulnerability that the attacker exploited on Solana. Previously CertiK explained that Wormhole’s smart contracts do not fully validate the input data, allowing transactions to be initiated with incorrect variables. Due to this vulnerability, hackers can send WETH to their addresses.
Specifically, on March 29, 2022, Axie Infinity’s Ronin Bridge cross-chain bridge was attacked by hackers with the amount of 173,600 ETH and 25.5 million USDC withdrawn from Ronin Bridge, with the total damage caused by the attack. Turned out to be more than 600 million dollars.
The cause of the attack mainly stemmed from the fact that Axie DAO granted access to Sky Mavis on behalf of Axie DAO to confirm transactions to reduce the burden from a large number of users and the danger that occurs when access rights arise. This access is never revoked.
Harmony’s Horizon Bridge is a cross-chain bridge that allows users to convert digital assets such as tokens, stablecoins, NFTs, etc… Between Ethereum and Harmony, or BSC, through a set of Smart Contracts.
On June 24, 2022, Harmony announced an attack on Horizon Bridge, estimated at $99,340,030, on approximately 65,000 wallets with 14 different asset classes. Specifically, the amount stolen from exploiting the vulnerability on the Horizon bridge includes 13,100 ETH, 592 WBTC, 9.9 million USDT, 41.2 million USDC, 6 million DAI, 5.5 million BUSD, 5.6 million FRAX, along with some ERC20 tokens other. This amount accounts for 2/3 of the total amount on Horizon Bridge.
Nomad Bridge is a bridge that allows users to transfer assets across different ecosystems, such as Ethereum, Avalanche, Evmos, Milkomeda C,1, and Moonbeam, through Nomad’s messaging system.
Recently, the Nomad cross-chain bridge was attacked by hackers, resulting in the project being “stolen” by hackers, losing most of the money, leaving only $651 in the platform wallet. This attack has been dubbed the fourth-largest cryptocurrency hack in history.
Due to the security flaw, the hackers bypassed the message verification process, thereby systematically attacking the bridge’s funds through a long chain of transactions. According to some reports, it was discovered that as many as 300 wallets were involved in the mining.
SmartOSC solution of secure smart contract hack
The leading cause of attacks on the blockchain system is mainly due to security holes inherent in cross-chain bridges and some projects’ lack of expertise. This problem has caused many losses for the market, but mainly for users.
Currently, many tools (software, solutions) support users in authenticating and encrypting information. However, these tools are mainly provided by digital signature providers or free software installed on the user’s PC to use for installing applications.
Integration with other applications, especially web applications, has not been focused on. Solution for document authentication in the network environment: It is the construction of software to authenticate (digitally sign) documents in text exchange in the network environment. The solution is built to allow integration on the record sending and receiving functions of web applications by using digital certificates for the server and digital certificates of organizations and individuals participating in the system.
With tools such as cryptographic libraries, digital signatures,… SMARTOSC believes that this will be a pioneering step for future security technology.
Contact SmartOSC here to receive professional blockchain security services. get well know our solution.
Contact us if you have any queries about Blockchain development services, dApps development, NFT marketplace development, Crypto wallet development, Smart contracts development.