Connect with us

News

How Twitter user Prevented Possible Crypto Exploit on Cross-chain Bridge

mm

Published

on

VOC, Voice of Crypto, Crypto Attack

The BitBTC cross-chain bridge has averted potentially costly exploitation. This is due to great foresight by L2 network Abirtrum tech lead and Twitter user Lee Bousfield.

You may wonder how this is possible? Read on.

What is a Cross-chain Bridge?

A cross-chain bridge is a protocol that allows a user to transfer digital assets from one blockchain network to another. 

There is a cross-chain bridge on Optimism — blockchain on top of Ethereum that supports BitBTC. BitBTC is a cryptocurrency with a current supply of 33.9769. It is reported to have a value of 1/1,000,000 of a BTC.

The custom cross-chain bridge extends a platform for users to transfer assets between Optimism’s network and the BitBTC token.

Advertisement

With such a setup, potential hacks are possible, such as the one Bousfield pointed out.

Potential Exploit Averted

The BitBTC bridge bug was called to attention by Lee Bousfield in an Oct. 18 Twitter post. He warned that “BitBTC’s Optimism bridge is trivially vulnerable.”

Bousfield said he tweeted as the “team has ignored my messages, so I’m going to publish the critical exploit here.”

According to him, the BitBTC bridge had a bug that would enable an attacker to mint fake tokens on one side of the bridge, and exchange them for real ones on the other side. 

He said,

“The Optimism L2 side of the bridge lets you withdraw any token, and pick the L1Token address passed to the L1 side of the bridge. However, the L1 bridge completely ignores what the L2 token was, and just goes ahead and mints the arbitrary L1 token.”

Bousfield established that it would take “7 days to go through, during which the L1 bridge could be fixed via an upgrade.”

Advertisement

Not too long after, a person went on to investigate that claim, attempting to withdraw ‘200 billion fake BitBTC from Optimism.’ Claiming that it was merely a test and nothing more, he left a note, “I’m not a hacker, just want to test the exploit with a [proof of concept], won’t touch any of the valuable assets.”

Bousfield also pointed out in a subsequent tweet about 10 hours later that the bug had since been fixed after he was able to contact the BitBTC team.

Conclusion

The web3 ecosystem intends to make the world easier and better to live in. However, as it is still a developing space, from time to time, there might be glitches in its system. 

For the bitBTC cross-chain bridge and the global community, it is great that Lee Bousfield took it upon himself to alert everyone of the bug.

Advertisement

Newsletter

Trending