Aergo Bridge Incident Report (Updated)

Summary:
7.7 million Aergo tokens were withdrawn via the Aergo Bridge service. All transactions were processed normally, with precise amounts transferred between the Aergo and ERC vaults. The bridge service has been temporarily halted by our threat detection system due to an unusually high amount of transactions. We are conducting a comprehensive review of all systems and will resume service once everything is verified.

*Both vaults and the bridge have not been compromised by any hacks and remain secure.

1. Details of the Incident
Beginning with block 19905987 at 07:11:59 on May 19, 2024 (UTC), a notably large transaction marked the start of suspicious activity. The total Aergo tokens withdrawn in these suspicious transactions amounted to 7,706,818.22.

2. Immediate actions
Following the detection of these unusual activities, we temporarily suspended the Aergo bridge service. All functionalities have been put on hold, and emergency inspections are underway to assess and rectify the situation.

3. Final Notes
We’ve temporarily halted operations on the bridge service due to a false alarm caused by functionality limitations in Argoscan, which our Fraud Detection System (FDS) relies on for monitoring bridge vaults. We are currently focused on confirming the security of the funds held in the Bridge Vault.

Upon the initial review, the issue with the Bridge Vault and associated services was not due to a security vulnerability. Instead, it stemmed from a malfunction in the Fraud Detection System (FDS) triggered by an error in the explorer. This incident has been identified as a technical error, and we are confident there are no additional security concerns.

The enhancement of the AergoScan Explorer is actively underway. We are diligently working through the development and review processes, anticipating the completion of these improvements within two weeks following the resumption of bridge operations.