How Hackers Stole $323M From the Wormhole Bridge
Covering the Biggest Solana Hack in History
By Valkyrie Holmes
Just last week, over $323 million dollars in cryptocurrency was stolen off of a blockchain bridge called Wormhole. Hackers were able to exploit the system using a software bug hidden inside the service and extract enough funds to make it the fourth-largest cryptocurrency scandal in history. Here’s how it happened.
WHAT IS WORMHOLE?
To understand the situation at hand, we need to fully understand what Wormhole is. Wormhole is a decentralized finance application, defi for short, that allows inter-blockchain transactions. This means that one can move coins from one blockchain to the other. For example, users can swap their Solana for ethereum along their eth network, hence the name “blockchain bridge.”
The bridge contains two smart contracts: one on the original currency’s chain and another on the transaction chain. One currency is locked into the contract and the other is issued a parallel token to be used in place of that one on a different network. This is because Wormhole uses wrapped tokens.
Wrapped tokens are currency markers tagged to the value of said cryptocurrency that connects them between different blockchain networks. This allows tokens from other networks to be used on the Wormhole system after being minted. Wormhole simply serves as an intermediary, almost like creating clones of a token on a different blockchain network. The token will always maintain the same value and characteristics. So you can have “wrapped” ETH on a Binance chain or “wrapped” BTC on the ethereum network by locking one with a smart contract and minting clones on the other network.
The last thing you have to understand about this system is the fact that there are three different components of Wormhole’s bridge algorithm. The first is the custodian, a governance protocol that approves a task submitted by the system. The second is the merchant, a digital middleman that initiates said orders. And finally, the user, which actually wraps tokens for transactions. The bridge requires a custodian to keep an equal amount of cryptocurrency stored in its original form with proof of reserve on the blockchain. This allows the network to keep track of the currency going in and out and both boosts usage on multiple blockchain networks and grants people faster transactions at lower speeds.
THE THEFT
Hackers were able to create fake signature accounts through Wormhole’s backend platform. It turns out that Wormhole’s backend wasn’t validating all of their guardian accounts, meaning that not all smart contracts were being verified. The thieves were able to mint 120,000 ETH coins (worth around 323 million at the time) on the Solana chain, which they then transferred around 93,750 tokens into a private ETH wallet. None of the coins were verified, essentially creating fake signatures for the provided action that approved the coin values.
Basically, they minted fake coins on the Solana chain that could then be transferred over to the ETH network as real tokens, retrieving unwrapped ETH from the contract.
Wormhole went down after moderators noticed the discrepancy and lack of funds and was back online after approximately 16 hours. They offered 10 million dollars for any information leading to the conviction of the hacker or hackers involved. The hackers still haven’t responded to this day. This made it the fourth-biggest cryptocurrency theft of all time, adding to the $10.5 billion dollars in crypto theft from 2021 alone.
Maybe the craziest part of all of this was that Wormhole got complete backing from Jump Trading, a team of domain experts that partner with companies to innovate in the crypto space and have done so for years. Jump Crypto HQ tweeted:
“[We] believe in a multichain future and that wormhole is essential infrastructure. That’s why we replaced 120k ETH to make community members whole and support Wormhole now as it continues to develop.”
The company donated over $323M dollars to this DeFi tech company, closing the gap. The attackers still haven’t been identified and the original money hasn’t been retrieved. Wormhole has strengthened their servers and are continuously working to make their blockchain bridge safe and secure for all users.
