Wormhole, a popular cryptocurrency platform that offers bridges between multiple blockchains, announced on Twitter that it noticed an exploit. The attacker apparently exploited the bridge between the Ethereum and Solana blockchains. It redirected around $320 million worth of ETH to crypto wallets that don’t belong to the Wormhole team.
A bridge is a combination of smart contracts that facilitate interoperability and transactions between different blockchains. Users typically use a web app to take advantage of a bridge. They connect their wallet with the web app and then initiate a transaction.
Once the transaction is confirmed on the origin blockchain, crypto assets are released on the destination blockchain and transferred to the user wallet. For instance, you can send ETH and receive SOL in exchange.
Yesterday, Wormhole took down its website. “The wormhole network is down for maintenance as we look into a potential exploit,” the team wrote on Twitter.
Crypto analysts quickly noticed two suspicious transactions. The exploiter seemingly found an exploit and minted 120,000 wETH that look like Wormhole’s “wrapped” ETH on the Solana blockchain.
Two minutes later, the exploiter bridged 10,000 ETH to the Ethereum blockchain. Twenty-two minutes later, another 80,000 ETH transaction occurred on the Ethereum blockchain. Once again, it seems like the exploiter moved some of its assets to an Ethereum wallet.
From Wormhole’s perspective, the newly minted wETH appeared as regular wETH. Wormhole released ETH to an Ethereum wallet based on those wETH, so the exploiter essentially stole some ETH from Wormhole’s reserves.
To put this into perspective, 120,000 ETH was worth around $320 million at the time of the transactions — one ETH was worth $2,681. ETH is currently trading at $2,622 at the time of this article, down 2.2% since the exploit.
The Wormhole team later confirmed the exploit. “The wormhole network was exploited for 120k wETH,” the team wrote on Twitter.
In another tweet, Wormhole said that “the vulnerability has been patched.” The bridge is still down as I’m writing this.
It’s unclear what’s going to happen next with the assets and if wETH in Wormhole’s reserves are still backed by ETH. Wormhole initiated a transaction to the exploiter with a note. The Wormhole team is willing to offer $10 million in exchange for the assets. It’s going to be a weird decision.
Here’s what Wormhole wrote:
This is the Wormhole Deployer:
We noticed you were able to exploit the Solana VAA verification and mint tokens. We d like to offer you a whitehat agreement, and present you a bug bounty of $10 million for exploit details, and returning the wETH you ve minted. You can reach out to us at contact@certus.one