White Hat Hacker Discovers Arbitrum Nitro bug, Saving Millions

The Crypto Times

A white hat hacker just lately got here ahead and found a bug inside the Ethereum roll-up Arbitrum, which might have led to the theft of thousands and thousands of {dollars}.

Operating underneath the pseudonym ‘0xriptide’, the hacker was rewarded a bounty of 400 ETH (price roughly $530,000) by Arbitrum developer OffChain Labs for his discovery.

Just just a few weeks in the past, Arbitrum launched its Nitro improve in anticipation of the Ethereum Merge. In a weblog publish posted by 0xriptide, he says that he began going by the code of Arbitrum Nitro for vulnerabilities as quickly because it was launched.

0xriptide found that the bridge between the Ethereum mainnet and the Arbitrum Nitro contained a flaw that may enable any hacker to exchange Arbitrum’s vacation spot handle with their very own.

This implies that a hacker might manipulate the code to redirect the funds which are supposed to movement from Ethereum to Arbitrum into his personal pockets.

0xriptide writes that this may be accomplished in two methods. A hacker might have manipulated the bug to both selectively decide off huge particular person deposits and keep away from detection, or siphoned off Arbitrum’s total incoming deposit movement.

From the time of the Arbitrum Nitro improve to when 0xriptide notified OffChain Labs of the bug, over 400,000 ETH, or $534 million at writing, moved into Arbitrum from Ethereum.

Once OffChain Labs confirmed the bug, they despatched 0xriptide a bounty reward of fee of 400 ETH, or simply over $530,000 by way of ImmuneFi.

0xriptide wrote, “Thank you to the extremely based Arbitrum team for providing a 400 ETH bounty, and of course for creating an incredible piece of technological innovation with their L2 implementation.”

He later tweeted a day later that, given the lots of of thousands and thousands of {dollars} saved, Arbitrum might have been extra beneficiant.

Compiled by Coinbold

5/5 - (100 votes)