Gnosis Chain makes key upgrade to prevent potential security attacks

Quick Take

  • Ethereum sidechain called Gnosis completed a hard fork upgrade today.
  • With the hard fork, Gnosis Chain has fixed an issue that led to two major DeFi hacks on its bridge with Ethereum.

Gnosis Chain has gone through a network upgrade in order to fix the issue that allowed hackers to steal $11 million from two DeFi protocols running on its network last month.

“All application builders on Gnosis Chain can now assume tokens bridged via the native bridge are not prone to the reentrancy attack anymore, which caused the hacks of Agave and Hundred Finance,” Stefan George, co-founder and chief technology officer at Gnosis, told The Block.

Gnosis Chain (previously known as xDai Chain) is a popular sidechain — a term that refers to a blockchain running parallel to Ethereum — that's run by GnosisDAO. There are more than $287 million of cryptocurrencies locked up in applications running on its network, per DeFiLlama. 

Gnosis Chain said, in an official post, that the hard fork — a significant network change — went live today at block number 21,735,000, which took place around 6:30 AM UTC.

The hard fork activated a proposal (GIP-31) on the Gnosis DAO governance aimed at preventing “reentrancy attacks,” which are a common type of security exploits targeting DeFi protocols.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

The proposal came after two DeFi protocols on the Gnosis Chain — Hundred Finance and Agave — suffered from reentrancy attacks and reportedly lost $11 million in various tokens to hackers. These attacks occurred due to a vulnerability within a smart contract that wraps Ethereum-based tokens on the OmniBridge — the official bridge on Gnosis Chain connecting with the Ethereum blockchain. 

A security audit last year