BNB Chain governance to decide what will happen to hacked funds

Quick Take

  • The team at BNB Chain notified the community its next plan of action is to conduct on-chain governance votes.
  • Voters will decide whether to freeze funds held in the hacker’s address and burn them.

The BNB Chain is now back up and running after it was halted for several hours to investigate a large bridge exploit. 

On Thursday, an unknown hacker seized almost $560 million in BNB from the network's cross-chain bridge, called BSC Token Hub. Of this amount, the hacker transferred more than $100 million to other chains, according to security firm SlowMist. Almost $430 million in BNB tokens was held in the perpetrator's address on BNB Chain.

The hacker took advantage of a security bug to forge "security proofs" that enabled the ability to withdraw the bridge's locked funds. These proofs were needed to verify all withdrawal requests on the bridge.

In response to the exploit, the team halted the blockchain, ordering all of its 44 validators (including 26 active validators) to stop operations. This was done in an effort to prevent the hacker from making any further moves and try to take back control of funds that remained on BNB Chain, it noted in a blog update today.

"It was not that easy as BNB Smart Chain has 26 active validators at present and 44 in total in different time zones. This delayed closure, but we were able to minimize the loss," the team said.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

While the BNB Chain has already stopped funds held in the hacker's wallet from being moved, the project will conduct a governance vote to formalize the decision and make a final call on what to do with those funds.

In the same blog post, the team said that it will conduct on-chain governance votes to decide whether to freeze funds in the hacker's address on BNB Chain and whether to "auto-burn" the tokens.

Furthermore, BNB Chain’s governance will vote on announcing a bounty for "catching hackers" where 10% of recovered funds would be granted as a reward. Finally, it aired plans for a white hat bug bounty program that would pay up to $1 million for each security  bug found on BNB network, including the exploited bridge.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]