A $100 million worth of altcoins have been obtained through Harmony’s Horizon Bridge and are being exchanged for ether (ETH).
The hack might prove the community’s earlier worries about the reliability of the two of four multisig that purportedly safeguard the bridge to be unfounded.
There were 11 transactions conducted from the bridge for different tokens between 7:08 and 7:26 ET. Since then, they have started transferring tokens to an alternative wallet in order to exchange them for ETH on the Uniswap decentralized exchange (DEX), then transferring the ETH back to the original wallet.
Frax (FRAX), Wrapped Ether, and so far (WETH). Sushi (SUSHI), AAG (AAG), Aave (AAVE), Frax Share (FXS), and Binance USD (BUSD). Through this vulnerability, Dai (DAI), Tether (USDT), Wrapped BTC (WBTC), and USD Coin (USDC) have all been taken off the bridge.
Token transfers between Harmony and the Ethereum network, Binance Chain, and Bitcoin are made possible by the Horizon Bridge. The bridge has been stopped, according to Harmony, the bridge’s operator, who made the announcement late on June 23. The BTC bridge and its assets, according to the statement, were unaffected by the attack.
The Harmony team added that it was collaborating with “national authorities and forensic experts” to identify the culprit. There will undoubtedly be a postmortem.
Requests for a response from Harmony’s developers and co-founder Nick White went unanswered. Layer-1 blockchain Harmony uses proof-of-stake consensus. One is its native token.
The reliability of Horizon’s multisig wallet on Ethereum, which only required two of the four signers to drain the cash, has previously been questioned. The low number of required signers would leave the bridge exposed for “another 9-figure hack,” said Chainstride Capital CEO Ape Dev on Twitter on April 2.
Given that the bridge’s assets are currently down by $100 million, Ape Dev’s prediction seems to have come true.
He is not the only cryptocurrency engineer who has concerns about the safety of token bridges.
In a Reddit post this past January, Vitalik Buterin outlined the problems with token bridges. According to his theory, when bridges are misused, the liquidity of each chain that is impacted is put in jeopardy. The prospect of a 51 percent attack on one chain could pose a bigger risk of spreading to other chains as the number of token bridges rises, he continued.
Since he made his prediction, the Wormhole Bridge, Ronin Bridge, and Meter’s Token Bridge have all been used for approximately $1 billion in total.
Attacks continue to pose a security risk due to multisignature. Only five of the nine validators on the Ronin Bridge were necessary to confirm a transaction. Over $600 million in assets were taken by the attacker when he gained control of the necessary five validators.
The prices of all the affected coins and tokens have not changed significantly, suggesting that the market has not yet reacted to the attack. However, over the previous 24 hours, ONE has decreased by 7.4%, with the most of the decline occurring in the last 5 hours. According to CoinGecko, it is currently trading at $0.024.