
Point
- AxieInfinity’s RoninBridge hacked for over 70 billion yen
- Hacked on March 23 but discovered today by user feedback
- RoninBridge and KatanaDEX currently suspend
- Working with various agencies to get funds back
- AXS, RON, and SLP are said to be safe
AxieInfinity, the leader in GameFi, announced that “Ronin Bridge” has been hacked; 173600 ETH and 25.5 million USDC have been exposed (totaling over 70 billion yen).
This was discovered today after users reported that they could not withdraw 5000 ETH. As of March 23, the Ronin validator node and the AxieDAO validator node were hacked.
Background of the Hacking
The SkyMavis Ronin chain consists of 9 validator nodes. The signatures of 5/9 validators require for deposits and withdrawals.
In this case, 4 Ronin Validators of SkyMavis and a validator of Axie DAO were affected.
The damage was triggered in November 2021 when AxieDAO was able to sign on behalf of SkyMavis to process a vast number of user transactions; it was discontinued in December 2021, but access to the permission list was not revoked! The list did not repeat in December 2021.
Current Response
- Change the number of signatures required for validators to 8/9
- Cooperation with many exchanges and others, including Binance
- Separated the nodes from the existing infrastructure
- Suspended RoninBridge (will resume at a later date)
- Suspended KatanaDEX
- Working with Chainalysis to monitor outgoing funds
Official announcement: https://roninblockchain.substack.com/p/community-alert-ronin-validators?s=r
