On September 19, Ethereum’s popular layer 2 solution, Arbitrum, was implicated in a white hat hacker. resource, hackers discovered a potential vulnerability in Arbitrum’s code. As a result, the network used 400 ETH worth about $560,000 in return.
Over the years, many hacks and exploits have impacted the crypto industry in different ways. Some hacking incidents are related to vulnerabilities discovered by hackers in encrypted networks.
Some white hat hackers sometimes settle down and get bounties from the protocol. But other hackers find available funds from network breaches.
Hacker, called Riptide on Twitter, found a vulnerability in a smart contract written in Solidity. Riptide was discovered after scanning the code a few weeks before the release of Arbitrum Nitro. Hackers want to verify contracts to determine if their update was successful.
Hackers find vulnerability in Arbitrum L1-L2 bridge
After completing the update, Riptide discovered some bridge bugs that prevented it from working seamlessly. Finally, the hacker did some detailed inspection and found a delay in the bridge’s inbox sequencer.
According to Riptide, users can sign and publish L1 transactions in the Arbitrum Chain’s Delayed Inbox to send messages to the Sequencer. Such a process is mainly applicable when using bridges to deposit ETH or other tokens.
By rescanning the contract, the hacker admitted a serious loophole in the contract. Riptide pointed out that the inbox sequencer had a bug that could allow him or any bad actor to steal millions of dollars.
They can transfer received ETH deposits from L1 to L2 bridge to their wallets before they get noticed.
After he discovered it, Riptide reported the vulnerability to Arbitrum and asked for a reward of only 400 ETH. However, this result surprised Arbitrum as they had given the hackers up to $2 million in funding.
Crypto Space and White Hat Hacking
The crypto space has faced several white hat hacks. Such hacking attacks on different platforms are related to the discovery of potential vulnerabilities in the smart contracts or code of the network.
Additionally, Coinbase donated $250,000 to a hacker dubbed the “Alpha Tree” in mid-February. Hackers have discovered a vulnerability in the cryptocurrency exchange’s “advanced trading” feature and saved around $1 billion in losses. Coinbase reports that the payment is the largest bounty in its history.
Recall that in March 2022, Arbitrum suffered a hack and lost over 100 NFTs from TreasureDAO. At the time of the incident, the tokens were worth about $1.4 million.
Featured image Pixabay, Chart: TradingView.com