Ethical Hackers Steal and Return $12m to Ronin Network

A popular Ethereum blockchain, which was the victim of the largest-ever crypto heist back in 2022, suffered a $12m loss this week but had the stolen funds returned by ethical hackers.

Ronin Network is an Ethereum Virtual Machine (EVM) blockchain designed for game developers, owned by Vietnamese firm Sky Mavis.

Earlier this week it revealed on X (formerly Twitter) that unauthorized third-party actors withdrew around 4000 Ethereum and two million USD Coin (USDC), a digital stablecoin pegged to the US dollar – a total valued at around $12m. This was the maximum amount of the two cryptocurrencies that could be withdrawn from the bridge in a single transaction, it said.

“Today’s bridge upgrade, after being deployed through the governance process, introduced an issue leading the bridge to misinterpret the required bridge operators' vote threshold to withdraw funds,” it added. “We are working on a solution for the root cause. The bridge update will undergo intensive audits, before being voted on by the bridge operators for deployment.”

However, the third parties in question were fortunately not motivated by malicious intent.

“We are currently negotiating with the actors, who appear to be acting as ‘white hats’ and have responded in good faith,” Ronin Network said in the post. “Regardless of the result of the negotiations, all user funds are safe and any shortfalls will be re-deposited into the bridge when it opens up.”

Shortly after, the firm confirmed that the funds had been returned and that it had awarded the ethical hackers a $500,000 bounty.

“The bridge will undergo an audit before it is reopened. We will provide updates as we make progress on this audit,” it concluded. “We aim to shift the operation of the bridge away from the current structure. We will be working with the Ronin validators to onboard a new solution and will provide updates on this as the work progresses.”

The generosity of the bounty may stem from the fact that Ronin Network suffered a catastrophic loss of funds when North Korean actors stole 173,600 Ethereum (worth $592m at the time) and $25.5m from its blockchain bridge – tech that enables data and asset transfers across networks.
