Sky Mavis officially announced that, on March 23, some validators of the Ronin blockchain, used by the popular game Axie Infinity, were compromised, leading to the theft of 173,600 Ethereum and 25.2 million USD-C (for a total of about $ 625 million) from the Ronin bridge with two transactions. The fact was discovered following the report of a user unable to withdraw 5,000 ETH from the bridge.
Photo Credit: Sky Mavis At the moment, the Ronin chain employs nine validators and, to give the go-ahead for a transaction (withdrawal or deposit), the validation of at least five of them is required. Validator nodes are a feature of proof-of-stake blockchains such as Ronin that, in effect, examine new transactions to confirm that their inputs and outputs match and that the authorization signatures are valid, rejecting any non-compliant operations. Apparently, the hacker managed to gain control of four Sky Mavis validators and one third party managed by Axie DAO. Notably, the attack was possible in part due to a system the company had implemented to resolve an overload due to the large number of users connected to its network last November.
Photo Credit: Sky Mavis To avoid further problems and attacks, Sky Mavis has currently closed the Ronin Bridge and has taken action to prevent further incidents of this type in the future, including increasing the number required of nodes for validating eight-way transactions. The bridge will be reopened when all actions to improve safety are completed.
Sky Mavis is working with Chainalysis to monitor stolen funds, as well as various government agencies to make criminals pay for their crimes. Currently, discussions are being held with Sky Mavis and Axie Infinity shareholders to understand how to best move and ensure that user funds are not lost.
Photo Credit: Sky Mavis At the moment, the Ronin chain employs nine validators and, to give the go-ahead for a transaction (withdrawal or deposit), the validation of at least five of them is required. Validator nodes are a feature of proof-of-stake blockchains such as Ronin that, in effect, examine new transactions to confirm that their inputs and outputs match and that the authorization signatures are valid, rejecting any non-compliant operations. Apparently, the hacker managed to gain control of four Sky Mavis validators and one third party managed by Axie DAO. Notably, the attack was possible in part due to a system the company had implemented to resolve an overload due to the large number of users connected to its network last November.
Photo Credit: Sky Mavis To avoid further problems and attacks, Sky Mavis has currently closed the Ronin Bridge and has taken action to prevent further incidents of this type in the future, including increasing the number required of nodes for validating eight-way transactions. The bridge will be reopened when all actions to improve safety are completed.
Sky Mavis is working with Chainalysis to monitor stolen funds, as well as various government agencies to make criminals pay for their crimes. Currently, discussions are being held with Sky Mavis and Axie Infinity shareholders to understand how to best move and ensure that user funds are not lost.