The BitBTC cross-chain bridge has averted potentially costly exploitation. This is due to great foresight by L2 network Abirtrum tech lead and Twitter user Lee Bousfield.
You may wonder how this is possible. Read on.
A cross-chain bridge is a protocol that allows a user to transfer digital assets from one blockchain network to another.
There is a cross-chain bridge on Optimism — blockchain on top of Ethereum that supports BitBTC. BitBTC is a cryptocurrency with a current supply of 33.9769. It is reported to have a value of 1/1,000,000 of a BTC.
The custom cross-chain bridge extends a platform for users to transfer assets between Optimism's network and the BitBTC token.
With such a setup, potential hacks are possible, such as the one Bousfield pointed out.
The BitBTC bridge bug was called to attention by Lee Bousfield in an Oct. 18 Twitter post. He warned that "BitBTC's Optimism bridge is trivially vulnerable."
Bousfield said he tweeted as the "team has ignored my messages, so I'm going to publish the critical exploit here."
According to him, the BitBTC bridge had a bug that would enable an attacker to mint fake tokens on one side of the bridge, and exchange them for real ones on the other side.
He said,
"The Optimism L2 side of the bridge lets you withdraw any token, and pick the L1Token address passed to the L1 side of the bridge. However, the L1 bridge completely ignores what the L2 token was, and just goes ahead and mints the arbitrary L1 token."
Bousfield established that it would take "7 days to go through, during which the L1 bridge could be fixed via an upgrade."
Not too long after, a person went on to investigate that claim, attempting to withdraw '200 billion fake BitBTC from Optimism.' Claiming that it was merely a test and nothing more, he left a note, "I'm not a hacker, just want to test the exploit with a [proof of concept], won't touch any of the valuable assets."
Bousfield also pointed out in a subsequent tweet about 10 hours later that the bug had since been fixed after he was able to contact the BitBTC team.
The web3 ecosystem intends to make the world easier and better to live in. However, as it is still a developing space, from time to time, there might be glitches in its system.
For the bitBTC cross-chain bridge and the global community, it is great that Lee Bousfield took it upon himself to alert everyone of the bug.
Disclaimer: Voice of Crypto aims to deliver accurate and up-to-date information but will not be responsible for any missing facts or inaccurate information. Cryptocurrencies are highly volatile financial assets, so research and make your own financial decisions.