Ronin: Theft Details Are Known

Apr 5, 2022 - 16:41
 0  52
Ronin: Theft Details Are Known

173,600 Ethereums and 25.5 million USDC tokens have been stolen, and it is now known, corresponding to about $ 625 million.

We have already written about the big theft of cryptocurrencies from the decentralized financial platform Ronin Network, but as this is a very unusual and interesting event, we bring additional details. 

Own trading ecosystem

Ronin is a side chain of the Ethereum blockchain launched by Sky Mavis to enable the cheapest possible AXS, SLP, WETH, and RON token and NFT transactions within the Axie Infinity ecosystem. 

The main engine of the ecosystem is the Axie Infinity blockchain game, which resembles Pokemon and has made a real revolution by changing "free to play" into a "earn to play" paradigm and thus giving players ownership of their Axie heroes.

Axie is the hero of NFT and it takes at least three such "digital beings" to participate in the game. The number of players is extremely large, with about 2 million active players per month and about 10 million players in total. 

Ron's blockchain is the backbone of not only games but decentralized exchange, Proof-of-Stake mining of AXS tokens, and pools needed to operate a decentralized exchange.

Traces lead to the validator

The hack came at a time of anticipation of Origin - a new version of the game that loyal fans of Axie NFTs have been waiting for a long time. The traces left by the hacker clearly show the way the theft was carried out, but fortunately, it has not been completed yet. 

In the crypto world, it is not enough to just steal tokens, it is also necessary to replace the digital good, which is significantly more difficult than just stealing it.

For now, it is known that the hacker stole the private keys of four validators online. For the so-called 51% attack on Ron's blockchain hacker, it was enough to take control of five of the nine validators online. 

The keys to the fifth validator were not stolen, but the well-known inconsistency of sacrificing security for the sake of fluidity, which can also be called a kind of bug, was used.

It is amazing that the keys to the four validators were with one person. Even more incomprehensible is that the hack became known six days after the theft that occurred on March 23 in two transactions when the smart contract representing the bridge connecting Ronnin and the Etherium blockchain ran out of funds to pay out 5,000 Ethereums. 

The wallet whose current status can be peeked at this address still contains stolen tokens, so it is to be assumed that the hacker will agree on a reward and return Ethereum.

Ron's blockchain is still blocked

The course of events will be interesting. Surprisingly, the price of AXS tokens at exchange offices has not yet dropped drastically. Perhaps the cause lies in the inability of the owners of AXS, SLP, WETH, and RON tokens of the Axie Infinity ecosystem to access their tokens because the operation of the Ronin blockchain system has been stopped.

It should be understood that all tokens on Ronin are intact because Etheriums were stolen from a smart contract that guaranteed the value of the WETH token in a 1: 1 ratio on the Ronin blockchain, which means that the WETH token currently has no value.

The RON token with which to pay for transactions on the Ronin blockchain is likely to lose significantly in value as well as all the others at the time the Ronin blockchain is launched which we can expect very soon.