Today, Anyswap tweeted that an exploit was detected in the v3 prototype.
Fortunately, the Anyswap bridge wasn't affected at all, only new V3 cross-chain liquidity pools. In total, 2,398,496.02 USDC and 5,509,222.73 MIM tokens were stolen.
An attacker address has already managed to send funds through TornadoCash. You can watch the address activity here.
What happened exactly?
As we can read in Anyswap's official post-mortem:
- Two v3 router transactions were detected under the V3 Router MPC account on BSC, these two transactions have the same R value signature. And hacker deduced the private key to this MPC account in reverse. Anyswap team reproduced this attack method. (Reference: https://bitcoin.stackexchange.com/questions/35848/recovering-private-key-when-someone-uses-the-same-k-twice-in-ecdsa-signatures)
- All v1/v2 bridge transactions have been audited, they don't have the same R transactions. Bridges are safe.
The affected code was fixed to avoid using the identical R signatures. Anyswap multi-chain router v3 will be launched in 48h.
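The audit mentioned in the post-mortem, checking that no signer has two transactions with the same R value, can be sketched as below. This is an added example, not Anyswap's code: the record layout (hex-string `from`, `hash`, `r`, `s` fields, as in an Ethereum-style transaction object) is an assumption, and the sample records are constructed.

```python
from collections import defaultdict

# Order of the secp256k1 group (the curve used by BSC/Ethereum signatures).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def low_s(s: int) -> int:
    """Fold s and n - s together: both are valid for the same message and nonce."""
    return min(s, SECP256K1_N - s)


def find_reused_r(txs):
    """Return {(signer, r): [tx hashes]} where one signer used the same r on
    different messages. Each tx is a dict with hex-string fields from/hash/r/s
    (an assumed layout, not taken from the original post).
    """
    groups = defaultdict(dict)  # (signer, r) -> {normalized s: [tx hashes]}
    for tx in txs:
        r, s = int(tx["r"], 16), int(tx["s"], 16)
        if not (0 < r < SECP256K1_N and 0 < s < SECP256K1_N):
            raise ValueError(f"signature out of range in {tx['hash']}")
        key = (tx["from"].lower(), r)
        groups[key].setdefault(low_s(s), []).append(tx["hash"])
    findings = {}
    for key, by_s in groups.items():
        # Same r and same s: the same signature seen twice (harmless).
        # Same r, different s: one nonce signed two different messages, which
        # gives two equations in two unknowns (nonce and private key).
        if len(by_s) > 1:
            findings[key] = sorted(h for hashes in by_s.values() for h in hashes)
    return findings


# Constructed sample records (not real transactions or addresses).
SAMPLE_TXS = [
    {"from": "0xAAAA", "hash": "0x01", "r": "0x1234", "s": "0x1111"},
    {"from": "0xaaaa", "hash": "0x02", "r": "0x1234", "s": "0x2222"},  # reused r
    {"from": "0xaaaa", "hash": "0x03", "r": "0x9999", "s": "0x3333"},
    {"from": "0xbbbb", "hash": "0x04", "r": "0x5678", "s": "0x4444"},
    {"from": "0xbbbb", "hash": "0x05", "r": "0x5678",
     "s": hex(SECP256K1_N - 0x4444)},  # same signature, high-s form
]

if __name__ == "__main__":
    for (signer, r), hashes in find_reused_r(SAMPLE_TXS).items():
        print(f"KEY EXPOSED {signer}: r={r:#x} reused in {hashes}")
```

Any finding means the signing key must be treated as compromised and rotated; a repeated r with an identical signature (as deterministic signing produces for an identical message) is not flagged.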
Interestingly, similar incidents have happened in the past, and not only in crypto: as an exciting example, PS3 security was breached in a similar way.
You can watch how it was done in this brilliant video.
But as aftermath.digial says in his tweet:
Projects need to understand the cryptographic techniques they're using and verify their values to ensure high entropy.
That was an interesting exploit for sure, and I recommend checking the bitcoin stack overflow link shared earlier.
Thanks for reading, and if you like my writing, you can subscribe to my blog to receive the daily newsletter as I'm currently in the middle of 100 days of blogging challenge.
If the newsletter is not your thing, check out my Twitter @adrianhetman, where I post and share exciting news from the Blockchain world and security.
See you tomorrow!