Twitter user saves cross-chain bridge from potential exploit

2 years ago

The BitBTC bridge reportedly had a bug that would essentially allow an attacker to mint fake tokens on one side of the bridge, and swap them for real ones on the other.


A cross-chain bridge between BitBTC and the Ethereum layer-2 network Optimism has been able to avoid a potentially costly exploit thanks to the work of an eagle-eyed Twitter user.

The custom cross-chain bridge offers a ramp for users to send assets between Optimism’s network and BitAnt's decentralized finance (DeFi) ecosystem, which includes yield services, NFTs, swaps and the BitBTC token, in which 1 million BitBTC represents 1 Bitcoin (BTC).

The BitBTC bridge bug was highlighted by L2 network Arbitrum tech lead Lee Bousfield in an Oct. 18 Twitter post, warning that “BitBTC's Optimism bridge is trivially vulnerable.”

Bousfield said he published the tweet as the “team has ignored my messages, so I'm going to post the critical exploit here.”

BitBTC's Optimism bridge is trivially vulnerable. Their team has ignored my messages, so I'm going to post the critical exploit here. https://t.co/onyN9SzBjt

— Lee Bousfield (@PlasmaPower0) October 18, 2022

According to Bousfield, the BitBTC bridge had a bug that would allow an attacker to mint fake tokens on one side of the bridge, and swap them for real ones on the other.

“The Optimism L2 side of the bridge lets you withdraw any token, and it lets that token pick the L1Token address passed to the L1 side of the bridge. However, the L1 bridge completely ignores what the L2 token was, and just goes ahead and mints the arbitrary L1 token!” he wrote, adding that:

“That means an attacker could deploy their own token on Optimism, give themselves all the supply, and set that token's L1 Token to the real BitBTC L1 address.”

For the bug to be exploited successfully, Bousfield outlined that it would take “7 days to go through, during which the L1 bridge could be fixed via an upgrade.”

Shortly after noting such, a user went on to test that theory, with an attacker attempting to withdraw “200 billion fake BitBTC from Optimism.”

The attacker reportedly claimed that it was merely a test.

Bousfield also noted in a subsequent update about 10 hours later that the bug had since been patched after he managed to get in contact with the BitBTC team.
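The article does not describe the patch itself. As an added illustration (not BitBTC's or Optimism's contract code), the simplified Python model below contrasts an L1 bridge that ignores the L2 token with one that only honors a registered L1/L2 token pair and caps withdrawals at recorded deposits. The addresses, class names and the per-pair accounting are assumptions made for the example.

```python
from dataclasses import dataclass

# Constructed placeholder addresses, not real contract addresses.
L1_BITBTC, L2_BITBTC, L2_FAKE = "0xL1_BITBTC", "0xL2_BITBTC", "0xL2_FAKE"

@dataclass(frozen=True)
class Withdrawal:
    l2_token: str  # token burned on L2; the withdrawer chooses which contract
    l1_token: str  # L1 address that the L2 token itself reports
    to: str
    amount: int

class UncheckedL1Bridge:
    """Behaviour described in the article: the L2 token is never examined."""
    def __init__(self):
        self.minted = {}  # (l1_token, recipient) -> amount minted on L1

    def finalize(self, w: Withdrawal) -> bool:
        key = (w.l1_token, w.to)
        self.minted[key] = self.minted.get(key, 0) + w.amount
        return True

class CheckedL1Bridge(UncheckedL1Bridge):
    """Mints only for the registered token pair, capped by recorded deposits."""
    def __init__(self, pairs):
        super().__init__()
        self.pairs = dict(pairs)  # l1_token -> the one trusted l2_token
        self.outstanding = {}     # (l1_token, l2_token) -> amount bridged to L2

    def record_deposit(self, l1_token, l2_token, amount):
        if self.pairs.get(l1_token) != l2_token or amount <= 0:
            raise ValueError("unregistered token pair or bad amount")
        pair = (l1_token, l2_token)
        self.outstanding[pair] = self.outstanding.get(pair, 0) + amount

    def finalize(self, w: Withdrawal) -> bool:
        pair = (w.l1_token, w.l2_token)
        if self.pairs.get(w.l1_token) != w.l2_token:
            return False  # the L2 token's claim about its L1 token is not trusted
        if w.amount <= 0 or self.outstanding.get(pair, 0) < w.amount:
            return False  # cannot withdraw more than was bridged over
        self.outstanding[pair] -= w.amount
        return super().finalize(w)

def demo():
    fake = Withdrawal(L2_FAKE, L1_BITBTC, "0xWITHDRAWER", 200)
    real = Withdrawal(L2_BITBTC, L1_BITBTC, "0xUSER", 40)
    checked = CheckedL1Bridge({L1_BITBTC: L2_BITBTC})
    checked.record_deposit(L1_BITBTC, L2_BITBTC, 50)
    return UncheckedL1Bridge().finalize(fake), checked.finalize(fake), checked.finalize(real)
```

The unchecked bridge accepts the withdrawal from the unregistered L2 token, while the checked bridge rejects it and still processes the legitimate one.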

Cointelegraph has reached out to the BitAnt team for confirmation on these details and will update the story if they respond.


Optimism developer Kevin Fichter on Oct. 18 confirmed that the bug was on BitBTC’s side of things as it had used its own custom bridge as opposed to Optimism’s standard bridge it offers to partners.

Fichter also noted that assets “other than BitBTC are not at risk,” adding that there was a lot of “time and energy placed into the standard bridge” and encouraged people to use the standard bridge “unless you know what you’re doing.”
