Developers of pNetwork bridge drain $4.3 million from PancakeSwap in 'white hat' attack

Quick Take

  • PNetwork bridge drained more than $4.3 million in tokens that it had issued on its bridge.
  • The team claims to have discovered a “misconfiguration” in the token’s smart contract.

The developers of pNetwork, an independent cross-chain bridge protocol used to transfer assets across different chains, ethically took $4.3 million in pGALA (pegged gala) tokens that it had issued to bridge users.

The "white hat" exploit was executed today as the team said it had discovered a “misconfiguration” in the token’s smart contract, according to on-chain analysis by security firm BlockSec, which informed The Block. The developers of pNetwork attempted to front-run any malicious hackers by “draining” pGala tokens locked in PancakeSwap pools. These tokens, issued by pNetwork itself, represent a 1:1 tokenized version of the gala tokens used in play-to-earn project Gala Games.

The tokens are issued whenever users bridge gala tokens from its original chain, Ethereum, to BNB Chain via pNetwork bridge. Anyone can use pNetwork to lock their assets, including gala tokens, as collateral in the bridge contract and mint tokenized gala, also known as pGala. 

The pGala tokens are maintained via smart contracts controlled by the pNetwork team, and can be traded on decentralized exchanges on BNB Chain, including PancakeSwap. Today, the team said that it had discovered a misconfiguration that could allow anyone to steal from the pgala smart contract. Because of this, the contract had to be urgently patched and redeployed. “A misconfiguration of the pNetwork bridge necessitated the redeployment of pGala,” pNetwork said

It added that it had to drain the token in liquidity pools, performing the white hat attack to protect the value of gala tokens locked in the bridge contract before it could redeploy the token contract. To drain pGala liquidity on PancakeSwap, the pNetwork developers