Unchained - Bridge Hacks Have Caused ~$1 Billion in Losses. Here’s Why Bridge Security Is Tricky - Ep.336
Episode Date: April 1, 2022Arjun Bhuptani, founder of Connext and bridging expert, breaks down the Ronin bridge exploit that led to a hacker stealing $600 million+ and discusses different bridge designs that could limit future ...attacks. Show highlights: how a hacker was able to drain more than $600 million from Ronin bridge the difference between DeFi hacks and the Ronin bridge exploit, which was a social-engineering based attack why multisig bridges are susceptible to social engineering attacks why Arjun believes the Ronin hacker is a sophisticated entity whether Sky Mavis will be able to reimburse users the different attack vectors for cross-chain bridges what Arjun thinks about different bridge designs Thank you to our sponsors! Crypto.com: https://crypto.onelink.me/J9Lg/unconfirmedcardearnfeb2021 Coinchange: https://coinchange.io OnJuno: https://onjuno.com/ Episode Links Arjun Bhuptani Twitter: https://twitter.com/arjunbhuptani Ronin Hack Latest update from Ronin https://twitter.com/Ronin_Network/status/1509284549020188672 https://twitter.com/Psycheout86/status/1509134627319033863 Community alert explaining the hack: https://roninblockchain.substack.com/p/community-alert-ronin-validators?s=w Etherscan of the hack taking place https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96 Reactions Mudit Gupta – the hacker is sophisticated https://twitter.com/Mudit__Gupta/status/1508868214075310091 Arjun Bhuptani – why multisig bridges are vulnerable https://twitter.com/arjunbhuptani/status/1508861771595059205 https://twitter.com/arjunbhuptani/status/1508861771595059205 Ed Zitron – social engineering https://ez.substack.com/p/the-infinite-exploitation-of-cryptocurrency Information on Ronin https://twitter.com/joel_john95/status/1486809221962289154 Why bridging is hard https://blog.connext.network/the-interoperability-trilemma-657c2cf69f17 Arjun’s latest article on Optimistic bridges https://twitter.com/arjunbhuptani/status/1509582024104939523?t=4HCssiWfO5v65ehXRnWL3A&s=19 Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
Hi, everyone. Welcome to Unchained. You're a no-hype resource for all things Crypto. I'm your host, Laura Shin, author of The Cryptopians. I started covering crypto six years ago, and as a senior editor at Forbes was the first mainstream media reporter to cover cryptocurrency full-time. This is the April 1st, 2022 episode of Unchained.
Coin Change is the easiest way to earn passive income using crypto. You can safely deposit cash.
cash or cryptocurrencies to earn up to 20% annual yield.
There is no lending or market risk, just simple, high return yield farming.
Create an account today at tri-defi.c-c-unc and receive 40 USDC.
That's tri-defi.cc slash uncc.
If you're frustrated that your bank account isn't crypto-friendly, it's time to make a change.
On Juneau is a powerful new checking account.
that lets you buy, spend, and earn in crypto.
It's free to open an account and even comes with a metal card.
Download the On Juno app today.
With the Crypto.com app, you can buy, earn, and spend crypto in one place.
Download and get $25 with the code, Laura.
Link in the description.
Today's guest is Arjun Buktani, founder of Connects Network.
Welcome, Arjun.
Thanks, Laura.
Thanks for having me.
This week, we saw the largest.
hack in Defi history, a $625 million hack, which was 176,300 ether, and 25.5 million USDC.
And this involved the Ronan Network. Tell us what the Ronan Network is and what happened in the
hack. So the Ronan Network, I apologize to the Ronan team if I don't get this exactly right,
but the Ronan Network is an Ethereum side chain that is built to host the AXA ecosystem,
which is one of the largest, like, played earn games in the world right now.
The Ronan chain itself is, like, run by a decentralized set of validators,
but then Ronan has its own Ronin bridge,
which connects Ethereum to the Ronan chain.
And the hack specifically was a hack of the Ronan bridge,
where Ronan bridges, you know, has nine validators
and requires a five out of nine threshold signature
to be able to, like, complete transactions between chains.
and five of those validators were compromised, leading to $650 million being stolen from the bridge itself.
Wow. And how was this money moved? It was literally just they pretended to be all these validators?
Yeah. So that's kind of where things get interesting. So this is basically, it's an example of a multi-sig bridge where you have a certain number of signers.
that are responsible for saying that something happened on one chain
and then relaying it to another chain.
And in this case, it was specifically associated with funds
but it really could be like any kind of data.
In this case, all nine of the people
who are validating the Ronan Bridge
were people associated with the AXE ecosystem
in different ways.
So there's like some that were run by the AXI Dow
and some that were run by, I think, the Ronan team and others.
And what ended up happening was
there was a combination of two,
things that led to this attack.
Four, and there aren't
exactly clear details on everything at the moment,
but four of the validators
were compromised all at once.
It's unclear whether this was because
they were using, they were all run by the same
people, and it was unclear whether
this was because they were using like the same
key management system or something else.
And then in addition to that
one validator that was run by the
AXIDAO was also compromised.
And I think
the four that were compromised were
compromised because in the past there had been an RPC that like a basically like a whitelisted
specialized RPC that had been set up by the AXA ecosystem that was a gas free RPC.
And an RPC is a connection to the blockchain. And so they had set up a specialized
connection to the blockchain, a specialized node that people could actually send transaction
through that was not charging transaction fees. That was subsidizing the cost of transactions.
And that was no longer being used, but that RPC had not actually been removed from the White List for the last couple of years.
And what happened in this case was that it sounds like, and again, this is only high-level information that has been shared by SkyMadis,
but it sounds like that specific RPC was compromised and leading to those four signers signing and incorrect.
message. So the RPC basically requested that the signers would sign a message that was actually
a false message designed to exit funds from the bridge that shouldn't have been exited.
Wow. And just, I think you might have misspoke when you said that the white list access had
been revoked for a few years. It was, I think, a few months. It was in December of 2021 that they stopped
using it. Or? Yes. Sorry, that was when they stopped using it. But the white list, I think the access
had initially been given in 2019, if I'm, if I'm remember.
Right. But I think, am I wrong that that's when the white list access should have been revoked?
No, no, you're right. You're right. You're right. That it should have been revoked in 2020.
Okay. So one other thing that people were really shocked by is the fact that the hack actually hadn't been discovered for six days. How is that possible?
Yeah, that is a good question. I don't know. I think it's a bit of a failure to know.
not have the monitoring and alerting in place to be able to discover this.
I think it's also astounding that nobody found out.
I think like this community tends to be very, very diligent about these sorts of things.
And I think also typically, you know, when you have this large of an ecosystem of users,
at some point, someone ends up checking the balances on ether scan and sees, wait, this is a
lot lower than it should have been.
So it's unclear exactly how it remained undiscovered for that long.
But it is definitely a massive oversight.
regardless.
So the main culprit in this hack, most people believe, was social engineering, as opposed to
kind of what we typically see in a defy hack.
Just explain kind of maybe what a typical defy hack, how that is typically perpetrated,
and then what social engineering is.
Yeah, absolutely.
So normally when you are using a defy protocol,
you're interacting with the contracts associated with the defy protocol itself.
And those contracts don't, you know, and I'll get into like maybe those contracts
may be owned by a multisink or something like that.
And that's definitely an attack vector.
But typically the contracts themselves are just an implementation of the protocol that has
been audited and thoroughly vetted in theory.
And so you trust kind of the implementation of the protocol itself.
And when a defy hack happens, it's usually an attacker finding something in the core
protocol code in solidity or whatever that that was implemented incorrectly and then actually
maliciously executing that code to be able to withdraw funds from the system without having
permission to do so. Now, of course, DFI protocols can also have like multi-sig owners, and
this is true for a lot of like the D5 dollars in the space right now or even for some of the chains
where you have a multi-sig that actually controls upgradeability into this contract and things
like that. So that adds a little bit another layer of risk, which is that even if the core
protocol itself is secure, the multi-sig itself may not be. In this case, it was a little bit
different, where it's like you had only the multi-sig and no underlying protocol. And the multi-sig
itself, while multi-sig implementations are pretty robust now, and we can be generally safe in assuming
that they're not going to be hacked unless you're like really building something complicated
from scratch. Or, you know, in the case of like the wormhole hack, you're dealing with, you're dealing
with dependencies on another chain that are slightly different,
and you may not necessarily know what those dependencies are doing.
In this case, what ended up happening was something a little bit different,
which was off-chain, completely separately from the code implementation,
you had, basically, you compromised the multi-sig signers themselves.
And the attacker was able to get control of the system
by figuring out who are the people running,
who are the people who were able to sign for these transactions,
and how can I specifically target some subset of them to steal funds?
That's a really interesting change.
I think generally speaking, we haven't seen too many of these kinds of attacks in defy,
largely because I think in my opinion, at least in my opinion,
like usually by this point, like the kind of key management systems and things like that are pretty robust.
But even in addition to that, like having a five out of nine multi-sig system that is hosting this amount of money is a massive amount of risk.
and so people typically have been able to like avoid this kinds of social engineering.
But I think a large part of it also comes down to the fact that hackers are becoming more sophisticated in the first place.
And so, you know, they're realizing that there are more easy attack vectors than simply trying to attack the contracts themselves.
And ultimately, and this is something that's true widely in the security space, humans are the biggest vulnerability.
And like having humans in the equation really is the biggest problem that you would need to solve in the first place.
Yeah, yeah. I mean, clearly, obviously, I'm not going to claim that I'm like some master impresario with my own passwords, but I recognize that that, you know, I'm sure all of us recognize that that is our own vulnerability. And famously, Stefan Thomas of Ripple had accidentally locked away his bitcoins because he came up with some really, really fancy password and used that.
to lock a device that after 10 attempts would completely lock him out of his funds if he didn't
remember it. And then he didn't remember it. And he was down to like seven or eight. He had done
seven or eight tries. I was down to the last few. But anyway, so in a moment, we're going to talk
a little bit more about, you know, the bridge security issue. But first, a quick word from the sponsors
who make this show possible. There's been a lot of buzz around getting paid in crypto. And it's easy with
On Juno, the all-in-one crypto and banking app. You can set up a direct deposit and earn a portion of
your paycheck in crypto. You get 10% back when you spend USDC with the On Juno card, as well as a 4%
yield on your USDC. Not to mention, you can buy crypto with zero fees. All of this from an FDIC-insured
checking account. On Juno integrates directly with your direct deposit system, has no transaction fees,
and is already being used by employees of some of the biggest tech companies,
like Google, Apple, Amazon, and Microsoft.
It's free to open an account, and today you can get $50 added to your first direct deposit using code Laura.
Download the On Juno app today.
That's O-N-J-U-N-O and use code Laura for $50.
Join over 10 million people using crypto.com.
The easiest place to buy, earn, and spend over 150 cryptocurrencies.
Spend your crypto anywhere using the crypto.com visa card.
Get up to 8% cash back instantly.
Plus 100% rebates for your Netflix, Spotify, and Amazon Prime subscriptions.
Download the crypto.com app now and get $25 with the code Laura.
Link in the description.
Back to my conversation with Arjun.
So last piece on this.
the social engineering bid, Muda Gupta, Chief Information Security Officer of Polygon, tweeted,
I'm 99% sure that the hacker is someone seasoned with a lot of cybersecurity experience,
not a crypto D-Gen kid. So can you just explain what he meant there?
Yeah. I think this kind of goes back to what I was saying, where it's like,
there are a very, very large number of social engineering and fishing and other kinds of similar,
like economic, even economic attacks that happen in crypto.
most of them don't happen at this kind of scale.
And so we haven't historically had to talk about them as much.
But we have a discord full of people in our community who get scammed all the time.
And like we, you know, we try to educate them about like, okay, don't give people your private key.
Don't do XYC.
Don't approve random websites to spend your tokens.
But these are all like crypto-specific challenges that I think there's a massive information asymmetry around.
In this case, I think, you know, the fact that we weren't dealing with those kinds of lower
level scams and like fishing attempts. And we weren't dealing with, also not dealing with like
somebody just hacked up some solidity contracts that they happened to like look at. And it was a,
you know, it was some, typically those hacks end up being something associated with like either
a mistake in the implementation or some sort of like flash alone attack or something like that.
But instead, this was much more, much, much more sophisticated. You know, the attacker knew a lot
about these systems. They knew a lot about the breakdown of the signers in the road.
and bridge, they knew exactly who controlled what keys, and they knew how to specifically
go after those people. Now, of course, it was a failure. It is absolutely a massive security
failure that four of the keys were actually controlled by the same core set of people in the same
environment. And so that automatically, dramatically reduces your security, right? Turns this,
you know, five out of nine multi-sig into a two out of five system because all you really need to do is
compromise all four of those people at once. But even beyond that, the way in which those people
were compromised is very interesting. This attacker recognized that there is this deprecated RPC
that people are not using anymore, realized that they could spoof a signature through that and
utilize that to get four of the signatures. That's that that that betrays a level of understanding,
not just of crypto, but also of like like the deep intricacies of like the the security systems and
security groups that were likely set up for all of these RP, for the RPC itself and then also
the validators. I think the evidence here points to the fact that this is, this is like,
this is obviously a much more sophisticated attack, right? This is like level of, in many cases,
exchange, exchange attacks rather than what you would typically see in a defy attack, where this
likely required quite a bit of meticulous planning and wasn't just, or why discovered something
in the contracts, some artifact of the contracts that just happened to be there. Yeah, it sort of
reminds me of the Binance one, where they must have like cased it for a while. Yeah.
So Sky Mavis announced that I would like to reimburse all the people who lost money. How likely
do you think it is that they will either do this or be able to do it? Yeah, that's a good question.
I mean, I think, you know, in previous instances, like, again, Warmba is the most recent one that
comes to mind. You had, you know, someone financially backing the system who was able to
to like drop hundreds of millions of dollars to to like keep the system operational after the
hack happened in this case it's i don't know if sky mavis has that kind of institutional backing that
where someone would be willing to drop that kind of money that said they are a very large organization
that is generating a lot of revenue and i think that that's that says something
I think the other piece of this is also a question of like when they would be able to reimburse.
So for instance, even if they're not able to do it right now, it's pretty highly likely that through chain analysis, this attacker would either be found or at least some of the funds would be returned because realistically it's going to be extremely difficult to launder $650 million.
Even if you use tornado cash, you can't really build an anonymity set large enough to, you can't really build an anonymity set large enough to.
cover that amount of funds at the moment.
And in general, it's unclear whether, you know,
this could go in the direction of some of the old exchange hacks
where it just sort of like lies in somebody's wallet
for a very long period of time
until authorities are able to track the wallet down.
And I think in this case, this wallet had specifically interacted
with FTCS in the past.
It's most likely a falsified account,
but that does give authorities some lead
into figuring out who the attacker might.
might be. Yeah. I honestly, whenever I see something like this, I'm a little bit like,
don't you know you're not going to be able to use that money? You know, but anyway, so there's
been so many hacks of bridges recently. Why don't you just explain a little bit further,
you know, what exactly a bridge is and why it is that bridges seem to be where so many of the
defy hacks are centered nowadays? So bridges are basically mechanisms to communicate between chains.
they have varying levels of security and varying levels of functionality.
I think, you know, if you kind of rewind to a couple of years ago,
like most bridges were just like very, very, very simple structures
that were set up to be able to interact with some side chain or something like that.
And they were typically run by the team, like the chains team itself,
which was in this case what was true as well.
But they were typically run by the chains team itself.
And they were typically just like limited to the transferring of certain specific kinds of funds.
Today, bridges are starting to get a lot more sophisticated in some ways, but not in others.
I think in general, people are recognizing that allowing communication between chains is actually
a really, really incredibly valuable thing because we're starting to move towards this world
where it's not really possible to scale, or people are realizing it's not really possible
to scale to meet the requirements of the market only on a single chain.
So we're kind of like fragmenting like applications and the execution on those applications
to all of these different environments.
And now this brings up this much more interesting problem
of how do you actually make it easy for users
to get between these different places?
If I'm using an application on Ethereum,
how do I go and interact with,
and I have all my funds on Ethereum,
how do I go and interact with another application running on Polygon?
And most importantly, how do I do that in a way
where users are not putting themselves into a significant amount of risk
or the other end of the spectrum
having to deal with this very, very complicated process
where they might not really even understand what's going on.
One thing that has happened in the last, you know, a couple of years is that there's been this
massive proliferation of a specific type of bridge, which is multi-sig bridges, which is basically
at a high level is a bridge where you have a certain subset of people, a certain set of people,
and then a certain subset of people are able to, of that group are able to verify that something
happened across chains correctly. And there's a, there's a bunch of different mechanisms for
doing this, you know, there's simple multisigs, there's threshold signers, there's MPC systems,
which is multi-party computation, then there's like POS bridges. But effectively, they have the same
rough idea, which is like this group of people is responsible for taking like data from here
and putting it over here, data or funds. Now, the risk of multisig bridges is you have this
validator set associated with the bridges. In the case of the Ronan Bridge, it was the nine
the nine kind of signers in this or in the Ronan Bridge multisagint.
And that validator set is likely very different than the set of people that are validating
the chains themselves underlying.
And in most cases, I've yet to come across very many cases where this is not true.
That validator set is typically much weaker, as in from an economic security standpoint,
it's a smaller number of people that are more likely to be corruptible with less money
at stake than the underlying chain.
And I think that will probably remain true into the long term for chains like Ethereum
where it's very, very unlikely that if you go and you build a multi-sig bridge today,
that you'll ever be able to achieve the level of decentralization security as Ethereum.
Because Ethereum is by far the most secure chain,
most secure programmable chain out there right now.
Now, the kind of necessary conclusion of this is that bridges are this security vulnerability.
There are, because at least the way that they're consistent,
constructed right now, you can have these chains and attacking these chains is extremely difficult,
but the bridges represent this like one chink in the armor where like you can potentially go
and steal very, very significant amounts of funds from a chain. And because now that ecosystem,
or at least that bridge is, is just much more easily attackable than anything else in the
space. This wasn't necessarily true for like defy protocols building on top of chains either.
Because for a defy protocol, you know, as long as the implementation is correct,
I want to couch that in, couch, you know, my statement in that because that's always true for any, any kind of thing that you build.
But as long as the implementation is correct, you can trust that the defyre project is inheriting the security of the underlying chain, which is usually very, very strong.
So that, I think, kind of gets into why we're starting to see a lot of projects.
This is new technology. It's at the moment being constructed in a way, which is very, very high risk and is a significant step down in security compared to the chains.
and it's also growing incredibly fast
because this market has just exploded out of nowhere
for interoperability, for communication across chains.
Now, there are better ways to make bridges,
and I think that that's something that people are now starting to realize.
I think this is the, you know,
the conversation first started with the wormhole bridge hack a little while ago,
and now it's accelerated,
and I'm seeing an increasing number of people kind of saying,
we need better bridges, we need better systems out there
that aren't necessarily going to rely on, you know,
some external set of validators that could be compromised. And it's like even if, even if they're not
compromised, even if you have excellent key management, at some point, you know, it's a honeypot.
Like at some point, there's a, there's enough money in the bridge that, you know, if you,
if you have this set of people that are running the bridge, now there's five people controlling
billions and billions of dollars. That's, that's an objectively bad situation. And that kind of
defeats the purpose of crypto in the first place. And so I think people are kind of realizing that
this is, this is an unsustainable direction. We need to figure out some.
mechanism for building bridges where you aren't necessarily going to add this additional security
assumption. And I can kind of like jump into that if you think that would be interesting.
Yeah. Yeah. Please do. I kind of touched on multi-sig bridges as like one of the one of the
bridges and the early really like the earliest kind of mechanism of bridging that is out there in
the space today. But now through through a lot of research that's happening in this space and we're
kind of we're trying to contribute to this as well with connects. We're starting to see that there are
other mechanisms for cross-chain communication.
The other kind of simple one that has been around for a really long time is
atomic swaps, and that's been just talked about for ages.
And it is a secure bridging mechanism.
It is a secure, like, I guess, swapping mechanism because we have understood the constraints
and the risks around it for a long time, and because the risk of an atomic swap is compartmentalized
to the people that are kind of swapping with each other.
But even beyond that, if you want to go past, like, simple atomic swaps to, like,
I want to be able to do more arbitrary data passing between chains.
Or I want to be able to have this connection between chains that doesn't require having a counterparty.
That's when you get into more interesting kinds of bridges.
So the first one that is that I think a lot of people are really starting to become familiar with is IBC,
which is the cross-chain communication mechanism in Cosmos.
And what IBC uses is with IBC you have Cosmos chains basically natively validating each other.
You run a light client of one chain in another chain,
and that light client verifies the consensus of the other chain.
And so you can be generally very, very confident that the consensus,
because you've verified the data coming from the other chain
and the entire validator set of the cosmos chain is verifying the data from the other cosmos chain,
you can be generally very confident that the security of the system
ultimately just will trickle down to the security of the chains themselves,
which is really like the ideal.
Now, there's drawbacks to this.
The primary drawback is just that it's a bespoke solution.
Building a like client for a chain means you have to understand,
or basically to communicate with another chain means,
you have to understand that other chain's consensus mechanism,
and you have to be able to replicate that consensus mechanism within the first chain.
That's not only not possible in many cases,
but it's also extremely difficult to do for every chain.
So if you kind of like zoom out of Simply Cosmos to the rest of the ETH ecosystem
and Avalanche and all of these other ecosystems,
out there, it's extremely heterogeneous.
And so that means you would have to build custom implementations on each chain to be able to
run IBC everywhere.
I think it's likely that people will work towards something like that, but that's not really
a solution that's going to be able to be fixed or at least be functional within the next
couple of years.
I think it'll just take lots and lots of research and work to get to that point.
The other kind of bridge that I think a lot of people have started to be really interested
in is zero knowledge bridges.
So, you know, similar to IBC and a kind of a like kind of.
client-based bridge, utilize zero-in-large proofs to basically validate that the data coming from
one chain is correct. In effect, what you're doing with the zero-knowledge bridge is actually
very, very similar to what you're doing with the client bridge, except it's heavily optimized.
And there are some, like, slightly different trust considerations. With a zero-notge bridge, you are
also, like, verifying consensus. And I think that once again brings up this, like, core problem
of like, okay, how you're going to have to do this custom implementation for every chain. And I think
in zero knowledge, this actually is exacerbated by the fact that there are some kinds of consensus
mechanisms that cannot be proven in zero knowledge because of how they work. And so in those cases,
you do have to actually have something like a finality gadget, which basically introduces another
trust assumption that is now another external set of people that are verifying that something
happened that can be an attack factor. And so in my opinion, I think zero knowledge bridges are
probably like a sort of like a lot of people talk about them as a holy grill, but I think that
they they have their own set of drawbacks that that will make it difficult for them to really
work in the interim before we kind of get there. In the same way that like, you know, people,
the same, the same sort of like criticisms that have been levied towards like zero and all
drawlips or versus optimistic role as being that, you know, it just takes time to build
zero and all systems. Like these things, this is new, very fundamentally new math that is still
being discovered while we're doing it. And so it'll take time to get to the point where it's like
easily applicable everywhere.
The last kind of bridge, and this is the one that I have been admittedly showing a lot on Twitter, is optimistic bridges.
And I really like this construction because I think it gives us the best in-class solution today that we can use to fix the kind of massive systemic risks around multisig bridges without having to spend years and years and years of research to get to the point where we have these like fleshout constructions for zero knowledge or like client bridges.
And basically with an optimistic bridge, it's a similar kind of construction and has borrows very heavily from concepts, from like optimistic roll-ups, where rather than saying that you have a certain set of people that is like hoarding data from here to here, or you have, you know, the chain on the receiving, like the receiving chain kind of validating the data natively, instead you just relay that data optimistically.
Just go ahead and push it to the receiving chain.
and then you have a cool-down period.
So you have a period of 30 minutes within which anyone who is kind of watching this interaction can go and prove fraud.
Now, this is powerful because it means that unlike with a multisig bridge where you have, it's an N-of-M system.
So you have to, you know, you could, you only need to corrupt N people to be able to take control of the system.
With a optimistic bridge, it's a one-of-M system, which means a one-of-M honest party system, which means you would need to go and figure out,
throughout the entire world, if there is anyone anonymously watching the chain to prove fraud.
And if the only way to be sure that you doing fraud, like you, you know, fraudulently making a state update,
fraudulently pushing a transaction through this bridge would succeed, would be if you could be sure that there was no one else in the world that was going to try to contest your fraudulent transaction.
And fundamentally, it's impossible to do that, right? That's, it sort of no amount of money that you, there is a fixed, a theoretical amount of money that you could pay.
to corrupt or bribe a certain number, like an NM bridge or a multi-sig bridge.
But there is no amount of money that you could pay to find out that there is not a single
person in the world somewhere anonymously that could prove fraud and penalize you.
And similar to roll-ups, if you do commit fraud, there is a penalty, a slashing penalty
that is applied to the person that did that fraud.
Right. The only thing about it is, like,
when we were talking about how it took six days to find this hack,
like the 30 minute window seems kind of short.
But I guess it's that people would be incentivized in some fashion and they could earn money,
whereas like there was no amount of money that people could have earned if they discovered.
Is that the difference?
Yeah, that's the difference.
And also that like in this case, like I, you know, this is, this kind of gets into the like,
remove humans from the equation piece, which is, you know, in the case of people not discovering
this hack for six days, it was likely because there were just no automated systems in place
to even alert that this had happened. Whereas in the, in the, you know, in the optimistic bridge
case, you basically build infrastructure called watchers that are just watching the chain full time.
And all they're doing is tracking the system to approve fraud. And this is actually pretty
much the exact same way that optimistic roll-ups work as well. So in an optimistic roll-up,
the roll-up sequencer, which is the person who is responsible for taking data from the roll-up
and pushing it to Ethereum,
could, in theory,
create fraudulent updates.
They could, in theory, do that.
But you have this network of watchers.
People, like basically people who are verifying this chain
or verifying this roll-up
who are just watching to make sure
that the data that is pushed to Ethereum
matches with the data that is on the roll-up.
And if that isn't true,
then those watchers would, like,
basically start a dispute.
They would prove that fraud-on chain
and then that would cause the roll-up sequencer
to be slashed. The exact same principles were kind of like carried over to this ecosystem or to
bridging to create optimistic bridges as a construction. Okay, well, we will probably see how
bridges start to move forward to shore up their security because I definitely don't think that
the current state of things is going to continue for very long. We probably will still see more
hacks while they're sorting it out, but hopefully not.
This has been a super fascinating conversation. Thank you so much for illuminating all of us about this hack.
Yeah, no problem. And if folks are interested in learning more about optimistic bridges,
I have a blog post that should be coming out definitely before this show goes live. So absolutely
check that out because I think it'll give a really good explanation of the kinds of tradeoffs
between this kind of system or even more generally other kinds of more secure bridging systems versus
versus multisic system.
Great. And will that be on your medium page or where will that be?
Yes, that would be on the Connects Medium page.
So it'll be blog.connects. Network.
Okay, perfect.
All right, well, thank you so much for coming on Unchained.
Thank you so much for having me. I really appreciate it.
Don't forget.
Next up is the weekly news recap.
Stick around for this week in crypto after this short break.
It's time to bring Wall Street to Main Street.
coin change is democratizing access to wealth management with low-risk, high-return, passive income through defy.
It's simple, just deposit your crypto into a coin-change high-yield account to earn more over time.
Your yield is paid out daily and can be withdrawn any time.
Coin change is yield farming doesn't utilize lending or other risky strategies.
No minimums, no obligations, just high yield.
It's time for a change.
change, create an account today at trydefi.cc slash unc to receive 40 USC. That's try defy.com slash
unc. Thanks for tuning in to this week's news recap. The SEC's Defy Shadow Attack. A 200-page proposal published by the U.S.
and Exchange Commission on Tuesday could spell significant trouble for Defi despite not mentioning
defy once. The SEC's proposal would change the definition of a government securities dealer
to include entities that provide more than $50 million in liquidity. While not written to explicitly
mentioned digital assets, the proposal could bring defy participants like automated market makers
and liquidity providers under the jurisdiction of the SEC. According to Delphi DIFT,
digital's Gabriel Shapiro, this is an all-out shadow attack on decentralized finance by the SEC.
Shapiro believes that the regulator's proposal would characterize AMM liquidity providers
as unregistered dealers, a felony in the U.S.S. SEC will argue that all AMM-LPs are
unregistered dealers. That would be like saying all Bitcoin miners are VASPs, virtual asset
service providers. If enforced, it would kill the tech. Many of us warned S&MLPs,
could take this view, but never thought they'd secretly rewrite the rules to avoid having
to prove it, Shapira argued. The blockchain associations Jake Trevinsky had a similar take on
Twitter. The SEC just proposed a rule that would expand the definition of regulated dealers
to include people who employ passive market-making strategies that have the effect of providing
liquidity to others. In addition to this week's 200-page proposal, the DeFi Education Fund
which was somewhat infamously spun out of Uniswop's treasury, took to Twitter to warn against
a 591-page proposal that includes danger signs for DFI. In a nutshell, while DEF is unsure
what the final implications that the proposal would be if passed, the proposal has the potential to
require any organization, association, or group of persons that makes available a communication
protocol system to comply with financial regulations designed for organizations like the New York Stock Exchange
if the CPS allows people to interact and agree to terms of a trade.
DEF pointed out the language is so broad that even the proposal itself clarifies web chat providers
like Facebook Messenger and utilities like cell phones, which could meet the novel definition of a CPS,
would not be required to register as securities exchanges. The public has until 8.5,000,
April 18th to comment, which DEF, along with other crypto lawyers, has been promoting quite hard
on Twitter.
Institutional SAT stacks substantially increased this week.
As covered in this week's episode of Unchained with Doe Kwan, the Luna Foundation Guard
is converting a $3 billion treasury into Bitcoin with the express purpose of building a
4x reserve for Terra's algorithmic stablecoin, UST.
This week, CoinDesk was able to confirm Luna Foundation Guard's BTC wallet.
According to blockchain data, the wallet currently holds over 30,000 BTC worth well over $1 billion.
Bit InfoCharts data shows that LFG is now the 29th largest Bitcoin address.
However, as noted on Unchained and Elsewhere, LFG has plans to expand its Bitcoin holdings to $10 billion
and wants to become the second largest holder of Bitcoin outside of Satoshi.
Not to be outdone by Terra, software firm Micostrategie,
announced that one of its subsidiaries, cheekily named Macro Strategy, closed on a $205 million loan
from Silvergate Bank to buy more Bitcoin using its already purchased Bitcoin as collateral.
Micro Strategy reported having 125,051 Bitcoin on its balance sheet in February 2022,
to which this $205 million loan will add.
OpenC to support Solana NFTs.
Solana NFTs will be supported by OpenC, the largest NFT marketplace by volume this month.
The news was revealed by OpenC's Twitter account.
No specific date was given, only that support would go live in April.
Salana's native token, SOL, is up 25% on the week, with the chart showing a market push
from $110 to $120 in the day following the OpenC announcement.
The total market cap of Solana NFT projects also experienced a nice speed.
bump, jumping 12.38% on Wednesday to $1.7 billion, according to hyperspace.xyz.
Crypto worldwide regulation roundup.
The European Union began another set of negotiations on its markets in crypto assets or
MECA regulatory package on Thursday.
Mika aims to simplify the expansion of crypto businesses throughout the EU by standardizing
rules for crypto issuers, service providers, and stable coins.
Mika recently made headlines after a proof of work ban was inserted in Parliament
before getting cut from the package at the last moment.
In related European news, two committees in European Parliament voted on amendments
that could potentially block EU-based crypto exchanges and service providers
from interacting with crypto addresses they cannot verify.
As of recording time, Patrick Hansen, head of strategy and bizdev at Unstoppable Def
reports that the committees will vote in favor of a crackdown on unhosted wallets.
Hansen says, however, that the final vote will take a few months to occur
and that he is optimistic that we can still achieve changes.
India passed a capital gains law that will see crypto gains taxed at a rate of 30% starting April 1st.
In addition, Indian citizens will pay a 1% tax deducted at source on every purchase or sale of crypto,
as well as taxes on crypto gifts beginning July 1st.
Furthermore, taxpayers will not be able to take deductions on losses.
Nisjal Shetty, the co-founder of India's largest exchange,
Wazir X, told CoinDesk that this was a big mistake.
This is not conducive for the government or the crypto ecosystem of India.
It is poised to do more harm than good, said Shetty.
This can result in cascading participation on Indian exchanges
and lead to a rise in capital outflow to foreign exchanges.
Coinbase Global will soon require customers,
in Canada, Japan, and Singapore, sending crypto to other exchanges to provide the name and address
of the recipient. When asked for a response, here is what Coinbase had to say to CoinDesk.
While we will always advocate for what we think the laws should be, we must respect the laws
that exist if we want to offer the suite of Coinbase services to customers in that country.
I also want to make it clear that these changes, as outlined in our FAQ, only apply to Canada,
Singapore, and Japan, where the laws require us to collect additional information.
We are not applying this globally to customers. The new rules will take effect in early April.
USDC gets an old custodian. BNY Mellon, one of the oldest banks in the U.S. has agreed to be the
primary custodian for U.S.DC's reserve assets. Notably, BNY Mellon's crypto custody unit
is powered by crypto infrastructure firm Fireblocks. As of press time, there's
There are over 50 billion U.S.D.C. in circulation.
A country dropped an NFT collection.
On Wednesday, the Ministry of Transformation of Ukraine launched an NFT collection of 2,182 pieces of art
via the MetaHistory NFT Museum.
Each NFT was drawn by a Ukrainian artist and depicts an event from the war.
While Ukraine had previously hinted that an NFT drop would take place,
It was confirmed for the first time on March 25th by Ukraine's Mikhailo Federov.
While Russia uses tanks to destroy Ukraine, we rely on revolutionary blockchain tech.
At MetaHistory, UA, NFT Museum is launched.
The place to keep the memory of war, and the place to celebrate the Ukrainian identity and freedom, explained Federov on Twitter.
According to Meta history's website, 100% of proceeds were sent directly to the eth address of Ukraine's Ministry of Finance,
At 0.15 aeth per mint, this means Ukraine raised an additional 327.2 eth, worth approximately $1 million.
From, by all accounts, the first NFT drop spearheaded by a country.
Despite the unprecedented backstory and previous success of Ukraine in leveraging crypto to fundraise,
the NFTs were slow to mint.
As of Thursday morning, the collection has yet to sell out.
Time for fun bits.
2017 again, Ripple and Mount Gawks make for funny headlines in 2022.
Mark Carpellis, the former CEO of Mount Gawks,
is dropping a collection of 1,066,000 in 97 NFTs on Ethereum,
with each NFT commemorating and readily able to claim by a single account from Mount Gawks
once the individual has gone through a verification process.
Mount Gawks was famously hacked in 2014 for roughly 850,000,
BTC, which are now worth $40 billion.
Owning a Mount Gawks' NFT proves you're an OG.
You are there in the early days of Bitcoin, and now you can prove it on the blockchain, explains the website.
In other weird OG news, Rebel co-founder Chris Larson is launching a campaign against
Bitcoin's proof-of-work consensus mechanism and has funded a $5 million campaign to convince
Bitcoiners to, change the code, not the climate.
Or, in other words, move to proof of stake.
Bitcoiners, not surprisingly, did not take kindly to the intrusion, as exemplified by Bitcoin mining
expert, Zach Vowl. Chris Larson of Ripple is funding a $5 million ad campaign advocating for
Bitcoin switching to proof of stake. I guess the only thing I have left to say is fuck off, Chris.
Thanks so much for joining us today. To learn more about Arjun, the Ronan hack, and Bridge Security,
check out of the show notes for this episode. Unchain is produced by me, Laura Shin, with help from
Anthony Yun, Daniel Ness, Mark Murdoch, Shashok, and CLK transcription.
Thanks for listening.