Ronin bridge pauses amid $11.8 million outflow to MEV bot white hats

Quick Take

  • Ronin Network paused its bridge on Tuesday morning amid $11.8 million in outflows to MEV bots.
  • The activity was attributed to white hats, who will receive a $500,000 bounty for returning the funds.
  • The bridge currently secures more than $850 million, which is “safe,” according to a Ronin co-founder.
  • Ronin’s bridge was previously hacked for more than $600 million in 2022.

Ronin, the blockchain network tied to the play-to-earn game Axie Infinity, paused its bridge on Tuesday morning amid $11.8 million in outflows to MEV bots.

The initial transaction occurred at around 9:37 a.m. UTC, involving the transfer of more than 3,996 ETH ($9.8 million). A further transaction at 10:11 a.m. involved the transfer of nearly $2 million worth of stablecoin USDC. Many suggested that it could be white hat activity, which means an ethical hacker could be behind the incident, though that could not initially be confirmed. The bridge was subsequently paused at 10:15 a.m.

“The Ronin Network bridge has been paused while we investigate a report from white hats about a potential MEV exploit,” Axie Infinity and Ronin Network co-founder Aleksander Larsen, aka “Psycheout,” posted on X. “We will follow up with more information shortly. The bridge currently secures over $850 million, which is safe.”

Ronin Network later confirmed that the actors withdrew around 4,000 ETH and 2 million USDC — the maximum amount of each asset that can be withdrawn from the bridge in a single transaction.

"Earlier today, we were notified by white hats about a potential exploit on the Ronin bridge. After verifying the reports, the bridge was paused approximately 40 minutes after the first on-chain action was spotted," the project stated. "The bridge limit serves as a critical safeguard to increase the security of large fund withdrawals, and it effectively prevented further damage in this exploit."

The Ronin Network team explained that a bridge upgrade on Tuesday, deployed via its governance process, "introduced an issue leading the bridge to misinterpret the required bridge operators vote threshold to withdraw funds." The team said it was now working on a solution for the root cause and a new bridge upgrade would go through "intensive audits" before being voted on by bridge operators ahead of deployment.

Ronin is currently negotiating with the actors, "who appear to be acting as white hats and have responded in good faith," the project said, reiterating that all users' funds are safe and that any shortfalls would be re-deposited into the bridge when it reopens. A more detailed post-mortem on the incident is expected next week.

In a further update on Tuesday afternoon, Ronin Network confirmed that the ether had been returned, and it expected the USDC funds to follow later in the day. Ronin's bug bounty program will reward the white hats with $500,000, the team added. A couple of hours later, Ronin confirmed it had received the remaining $2 million in USDC funds.

Previous Ronin-related incidents

Ronin's bridge with Ethereum was previously hacked for over $600 million in March 2022. An exploit of five validator keys lost 173,600 ETH (roughly $590 million at the time) and $25.5 million of the stablecoin USDC — the largest DeFi exploit in history. 

Wallets belonging to Jeffrey Zirlin, co-founder of Axie Infinity creator Sky Mavis, were also hacked for $9.7 million worth of ether in February this year.

Ronin's cryptocurrency, RON, dropped around 4% immediately following this latest incident, according to The Block's Ronin Price Page. However, it remains up around 9% over the past 24 hours amid a broad crypto recovery following Monday's market plunge.

RON/USD price chart. Image: The Block/TradingView.

Updated with additional details throughout.


Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.

© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

James Hunt is a reporter at The Block and writer of The Daily newsletter, keeping you up to speed on the latest crypto news every weekday. Prior to joining The Block in 2022, James spent four years as a freelance writer in the industry, contributing to both publications and crypto project content. James’ coverage spans everything from Bitcoin and Ethereum to Layer 2 scaling solutions, avant-garde DeFi protocols, evolving DAO governance structures, trending NFTs and memecoins, regulatory landscapes, crypto company deals and the latest market updates. You can get in touch with James on Telegram or 𝕏 via @humanjets or email him at [email protected].

Editor

To contact the editor of this story:
Vishal Chawla at
[email protected]

WHO WE ARE

The Block is a news provider that strives to be the first and final word on digital assets news, research, and data.

+ Follow us on Google News
Connect with the block on