Biggest Crypto Hack of All Time: A Breakdown of the Ronin Network Hack

Uno.Reinsure
Uno Re
Published in
6 min readApr 2, 2022

For the DeFi space, the first quarter of 2022 is coming to a dark conclusion as a massive hacker attack took place on March 23rd. Ronin Network- an Ethereum sidechain used for the blockchain game Axie Infinity, was exploited for 173,600 ETH and 25.5 million USDC, equating to over $600 million.

Last year, a hacker stole roughly $600 million in cryptocurrency from Poly Network in what was called the largest crypto heist in history. This incident was followed by numerous other hacks, including the Wormhole Bridge hack which took place in February 2022 and resulted in $325 million worth of ETH being stolen.

Ronin Network hack replaced the Poly Network Hack as the biggest crypto hack to date. It is certain that to be the target of the largest hack of all time is not a title any blockchain platform would ever want to have. But here we are again, breaking down the biggest hack in crypto’s history.

How did the Ronin Network hack happen?

Axie Infinity is among the most popular crypto games in the world. With nearly 3 million monthly active players and a market cap of over $4 billion, Axie Infinity has established a solid place in the crypto gaming industry.

Ronin is the blockchain on which the Axie Infinity game is built and developed by Sky Mavis studio.

The hack occurred on the Ronin bridge, which serves as a bridge for users to transfer their assets from other ecosystems into Ronin and vice versa.

To understand what happened, we must understand how the Ronin Network validates transactions.

“Sky Mavis’ Ronin chain currently consists of 9 validator nodes. In order to recognize a Deposit event or a Withdrawal event, five out of the nine validator signatures are needed. The attacker managed to get control over Sky Mavis’s four Ronin Validators and a third-party validator run by Axie DAO.” says the Ronin Network in the blog post in which they announced the incident.

The attacker managed to gain control of 4 of the Ronin validator keys. These 4 keys were held by Sky Mavis centralized servers.

After that, the attacker needed one more key to carrying out their malicious plan.

“The validator key scheme is set up to be decentralized so that it limits an attack vector such as this, but the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.” said the Ronin Network regarding the distribution of their keys.

In November 2021, the Axie DAO validator, the entity that holds the remaining 5 keys, gave the keys to Sky Mavis to allow faster authorization of transactions. It is reported that Axie DAO later took the keys back, but here is the catch: the keys were never deleted from Sky Mavis’ server, allowing hackers to get their hands on all the keys needed to forge fake withdrawals.

The attacker discovered a backdoor through the gas-free RPC node and managed to gain access to five private keys. This included four Ronin validators for Sky Mavis and the third-party validator run by Axie DAO.

Hackers then wrote the transactions to the chain and validated them using the stolen keys. They withdrew most of the funds from the Ronin bridge in just two transactions.

According to MistTrack, the incident started on March 23. $25.5 million USDC was transferred out of Ronin bridge and that was exchanged for ETH.

The aftermath of the hack

Sky Mavis detected the assault after a user complained that they couldn’t withdraw 5,000 Ether on the Ronin bridge. This was 6 days after the hack initially occurred.

At the time of writing, a large part of the stolen amount is still sitting in the hacker’s wallet. It is reported that the hackers tried to withdraw a smaller part through centralized crypto exchanges, possibly via hacked accounts to hide their identity.

Source: MISTTRACK

Following the spread of bad news on March 29, the token price of Ronin has dropped more than 20% and is still in a free fall at the time of writing.

Crypto exchanges Binance and Huobi announced that they will support Axie Infinity in tracking the issue and returning any stolen funds that were transferred to their platforms by the hacker back to the Axie users’ wallets.

Sky Mavis also announced that they are working with various government agencies to ensure the criminals get brought to justice.

Looking at the bigger picture, the DeFi space took another harsh blow. The growing number of attacks were already causing concerns among users, and breaking the new record for the largest hack in crypto history has become the “icing on the cake”.

The need for DeFi insurance is more apparent than ever

Such massive attacks essentially do two types of damage: they cause users to lose their funds along with their trust in DeFi, and they encourage more malicious actors to consider attacking DeFi protocols. Users are the essence of DeFi, from funding to decision-making, they play a key part in all processes of protocols, and losing their trust means losing everything in the long run.

At this point, it is obvious that if the DeFi space is to overcome such problems, it will be with the help of DeFi insurance.

Uno Re, the world’s first decentralised insurance and reinsurance platform dedicates itself to maintaining the security of the DeFi space to contribute to its growth.

We are well aware that the real victims of such malicious attacks are the users who invest their hard-earned money in DeFi platforms. Uno Re believes DeFi is a revolution that will change the understanding of finance at a fundamental level and aims to provide all its parties with the peace of mind they have been yearning for, the salvation of DeFi — insurance.

About Uno Re

Uno Re is the world’s first decentralized insurance and reinsurance platform, allowing the community to invest and trade in ‘risk’ and receive sizable returns on their investments in one of the safest asset classes in the world. The platform will break barriers to entry for the retail investor by doing away with the historic pre-requisite of absurdly high capital generally needed to invest into the market while also introducing much-needed transparency into the industry as a whole. Uno Re will also allow the community to propose innovative insurance products to the space, thus propelling a new generation of Insurtech companies powered by the Uno Re ecosystem.

Twitter | Telegram | Discord | Medium | LinkedIn | Website

--

--

Uno.Reinsure
Uno Re
Editor for

Safeguarding your crypto assets and your DeFi journey.