Yet another day, and yet another hack on a blockchain
Last week, the Ronin bridge was hacked to the tune of 173,600 ETH and 25.5M USDC, amounting to a theft of a staggering $625M of funds (at today’s rates).
We delve into some fundamental questions behind the hack - how was the hacker able to gain access to the funds, what did they do with the funds, and what happens next?
Before we dive in, a little background about the company (and bridges)
The company that operates the Ronin bridge is Sky Mavis, the game studio behind the immensely popular game Axie Infinity. Axie Infinity is similar to Pokemon: players collect, trade and battle cute monsters (axies) against each other in an attempt to win tokens, and trade the axies as NFTs. It gained incredible popularity in 2021 as a play-to-earn game, because the underlying in-game token, the Axie Infinity Shard (AXS), is a cryptocurrency with real-world value (hence the term play-to-earn).
Axie runs on the main Ethereum blockchain, but not directly. Rather, it runs on Ronin, a sidechain operated by Sky Mavis. (We are not going to get into the mechanics of sidechains here, but the closest analogy is expanding a bus into a double-decker to increase capacity.)
Now here is where the bridge comes in. Because Ronin is a sidechain on Ethereum, there needs to be a bridge that connects the Ronin chain to the main Ethereum chain. This enables users to utilize tokens on one chain (e.g. Ethereum main chain) on Ronin, or any of the other side chains.
The underlying mechanism of a bridge is for another post. But in a nutshell, they use a method called wrapped tokens. Think of a casino. Your real world currency notes are a token on the main chain (i.e. country’s economy). You go to the casino’s money counter (bridge), where the casino takes your note, and hands you a chip of equal denomination (wrapped token). You can then use this wrapped token in the casino’s economy (sidechain). To convert it back to the main token, you go back to the counter (bridge), who takes the wrapped tokens (chips) and returns the main token (currency).
So back to the hack now, and the mechanics behind it
The Ronin sidechain has 9 validator nodes, which verify all transactions. This isn’t strictly decentralized, but that’s the compromise made to vastly increase the scalability of transactions.
The attacker managed to gain access to 5 of the validator nodes - 4 belonging to Sky Mavis, and 1 to Axie DAO (a community DAO that Sky Mavis relied on to scale the platform). Once the hacker(s) held the majority, on Mar 23 they were able to successfully execute two transactions:
176000 Eth - You can see the transaction details in the link. The attacker converted 176000 wrapped Ether to Ether in Axie Infinity’s official wallet, and then transferred it to their own private wallet.
25.5M USDC - A similar transaction, but this one was for 25.5M of USD Coin, a stablecoin (whose value is pegged 1:1 to the USD).
The exact mechanics of how the hacker gained access are more complex, and only vague details have been provided by the Ronin team here (their official statement). But two key factors seem to have aided the hacker:
A vulnerability in the Remote Procedure Call (RPC) node used by the Ronin chain
Poor access controls - signing access granted to the Axie DAO in Nov 21, so that transactions could be signed during peak transaction loads, was not revoked once that period ended
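To make the second factor concrete, here is a simplified model of a threshold-signed bridge withdrawal, written for this post (it is not Sky Mavis or Ronin code). Validator names, block heights and the expiry mechanism are constructed; the point it shows is that a delegated signing grant with no expiry keeps counting toward the 5-of-9 threshold long after the peak it was created for.

```python
# Added illustration, not project code. A toy threshold verifier: a withdrawal
# needs signatures from at least `threshold` distinct, currently-authorized keys.
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Set


@dataclass(frozen=True)
class Grant:
    """Temporary permission for an extra key to sign alongside the validators."""
    expires_at: Optional[int]  # block height at which it lapses; None = never (the bug)


class BridgeVerifier:
    def __init__(self, validators: Iterable[str], threshold: int):
        self.validators: Set[str] = set(validators)
        self.threshold = threshold
        self.grants: Dict[str, Grant] = {}

    def grant_signer(self, key: str, expires_at: Optional[int]) -> None:
        self.grants[key] = Grant(expires_at)

    def revoke_signer(self, key: str) -> None:
        self.grants.pop(key, None)

    def authorized_at(self, height: int) -> Set[str]:
        # Grants count only while unexpired; a None expiry never lapses.
        live = {k for k, g in self.grants.items()
                if g.expires_at is None or height < g.expires_at}
        return self.validators | live

    def withdrawal_approved(self, signers: Iterable[str], height: int) -> bool:
        # Duplicate or unauthorized signatures do not count toward the threshold.
        return len(set(signers) & self.authorized_at(height)) >= self.threshold


VALIDATORS = [f"validator-{i}" for i in range(1, 10)]  # 9 validators, as on Ronin
THRESHOLD = 5                                          # a majority of 9
# Constructed attacker key set: 4 validator keys plus the delegated DAO signing key.
COMPROMISED = {"validator-1", "validator-2", "validator-3", "validator-4", "dao-delegate-key"}


def ronin_like_verifier(grant_expiry: Optional[int]) -> BridgeVerifier:
    v = BridgeVerifier(VALIDATORS, THRESHOLD)
    v.grant_signer("dao-delegate-key", expires_at=grant_expiry)  # the peak-load access
    return v


def demo() -> Dict[str, bool]:
    stale = ronin_like_verifier(grant_expiry=None)    # never revoked: live forever
    bounded = ronin_like_verifier(grant_expiry=1000)  # lapses automatically after the peak
    return {
        "stale_grant_months_later": stale.withdrawal_approved(COMPROMISED, height=50_000),
        "bounded_grant_during_peak": bounded.withdrawal_approved(COMPROMISED, height=500),
        "bounded_grant_months_later": bounded.withdrawal_approved(COMPROMISED, height=50_000),
    }
```

With a bounded grant the same five keys fall to four authorized signers once the peak has passed, and the withdrawal is rejected.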
What happened to the stolen money?
Well, you can actually observe the movements of the hacker in real time. The wallet address of the exploiter is here.
Weirdly, the hacker transferred some of the tokens into several wallets at centralized exchanges (e.g. FTX, Coinbase). This is strange because these exchanges enforce stringent KYC norms, which means that any attempt by the hacker to convert to fiat currency will immediately alert major law enforcement agencies. (The beauty of a public chain is that any attempt to transfer to other wallets or use the funds in any transaction also raises red flags.)
To circumvent this, the hacker moved to using a mixer, the most well known of which is Tornado Cash. This is the perfect laundering machine: the Tornado Cash mixer breaks the public linkage between the sender and receiver addresses. You can send Eth to the Tornado router from one address and receive it back at another, with no link between the two. The received Eth can then be withdrawn or used freely by the hacker.
The hacker did exactly this with ~2000 Eth a few hours ago:
2000 Eth was transferred from the main hack wallet (Ronin Bridge Exploiter) to Ronin Bridge Exploiter 8.
The hacker then transferred it to Tornado Cash in 20 transactions of 100 Eth each.
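The pattern just described (one wallet feeding a mixer in equal-sized chunks within a short window) is exactly what exchange compliance and chain-analytics teams screen for. The following is an added example of such a screening rule, written for this post rather than taken from any real monitoring product; all addresses and transfers in it are constructed placeholders, not real on-chain data.

```python
# Added illustration, not from the original post. Flags senders that deposit
# into a known mixer as repeated equal-sized chunks inside a short block window.
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class Transfer:
    block: int
    sender: str
    receiver: str
    amount_eth: float


def find_mixer_structuring(transfers: List[Transfer], mixer_addresses: Set[str],
                           min_chunks: int = 5, max_blocks: int = 500) -> List[Dict]:
    """Group mixer deposits by (sender, mixer, chunk size); alert when a sender
    makes at least `min_chunks` identical deposits within `max_blocks` blocks."""
    by_pair: Dict[Tuple[str, str, float], List[int]] = defaultdict(list)
    for t in transfers:
        if t.receiver in mixer_addresses:
            by_pair[(t.sender, t.receiver, t.amount_eth)].append(t.block)
    alerts = []
    for (sender, mixer, chunk), blocks in by_pair.items():
        blocks.sort()
        if len(blocks) >= min_chunks and blocks[-1] - blocks[0] <= max_blocks:
            alerts.append({"sender": sender, "mixer": mixer, "chunk_eth": chunk,
                           "chunks": len(blocks), "total_eth": chunk * len(blocks)})
    return alerts


# Constructed sample ledger: 20 deposits of 100 Eth from one wallet in consecutive
# blocks, plus unrelated activity that should not trigger an alert.
MIXER_POOL = "0xMIXER_POOL_PLACEHOLDER"
SAMPLE = [Transfer(14_500_000 + i, "0xEXPLOITER_8_PLACEHOLDER", MIXER_POOL, 100.0)
          for i in range(20)]
SAMPLE += [Transfer(14_500_030, "0xUSER_A_PLACEHOLDER", "0xUSER_B_PLACEHOLDER", 3.2),
           Transfer(14_500_031, "0xUSER_C_PLACEHOLDER", MIXER_POOL, 1.0)]


def demo() -> List[Dict]:
    return find_mixer_structuring(SAMPLE, {MIXER_POOL})


if __name__ == "__main__":
    for alert in demo():
        print(alert)
```

A single 1 Eth deposit by an unrelated user is not flagged; the 20 x 100 Eth sequence produces one alert summarising the full 2000 Eth moved.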
What does this mean for the victims of the attack and Sky Mavis?
So far, this is unclear. Sky Mavis has publicly stated that it intends to refund users who have been victims of the attack.
It is also unclear what the source of funds for this will be. Sky Mavis has over a billion dollars in treasury, and has the capacity to raise more money by selling equity as needed. But the timelines of such a move are unclear. At the moment, all we know is that the Ronin bridge remains under maintenance while they migrate their nodes.
There is a broader lesson in all of this. We wrote another post on the blockchain trilemma: the three pillars are scalability, security and decentralization, and it is extremely difficult for a chain to score well on all three simultaneously. Ronin chose scalability, but compromised on security (compromised nodes) and decentralization (only 9 validators), which enabled this hack to happen.
These are learnings as the ecosystem evolves, and there will be more hacks in the future. But if you are an active participant in the crypto community, a good takeaway is to do your research on the chains or dapps that you use. Often, fast or cheap comes at a price, and it’s generally advisable to avoid locking significant capital into an untested, unproven dapp or chain.