News: Nomad Bridge Hack
What went wrong, and how could it have been prevented
On the 2nd August 2022, the Nomad bridge, a protocol designed to move tokens across blockchains, thus allowing different networks to interact, was hacked and drained of $191 million worth of Ethereum denominated funds. How did this happen? What was unique about it and how can it be prevented in future?
A blockchain bridge, otherwise known as a cross-chain bridge, connects two blockchains and allows users to send cryptocurrency from one chain to the other.
Usually, a cross-chain bridge works by “wrapping” tokens in a smart contract and then issuing native assets to users on another chain. This means they have to hold a lot of funds on either side of the bridge, which makes them lucrative targets for hackers
According to twitter user @samczun, users started noticing funds leaving the bridge at an alarming rate and posted it on a ETHSecurity telegram channel...
This was a unique hack, as the initial exploit was then copy and pasted by regular users until the funds were entirely drained from the bridge. You could see the drama play out on-chain. $190,740,000 drained in a couple of hours.
We can see the funds leaving the bridge here:
Data represented by https://defillama.com/protocol/nomad shows the dramatic draining of 190 million USD worth of tokens
A hacker used a vulnerability flagged up in the Nomad Audit, to confirm transactions that were not valid which allowed him to transfer funds to himself. The audit is available to all for review on the link below, with the relevant vulnerability (QSP-19) posted below..
the exploit was flagged in the Audit
Technically speaking, it was the
process()function, found in the current implementation contract at 0xB92336759618F55bd0F8313bd843604592E27bd8, which checks that messages contain an acceptable Merkle root, that was expoited. This function is intended to prevent users from passing arbitrary data, but the team accidentally marked the zero root as an acceptable root, which tragically meant that every message was auto-proved when they should have been nullified.
Put simply: A misconfiguration of the project’s main smart contract accidentally allowed anyone with a basic understanding of the code to authorise withdrawals to themselves.
Now this is the crazy part .. all that copycats had to do was copy the initial exploit and change the transaction data and paste their own personal addresses and they could drain the funds from the bridge themselves. This led to an absolute free-for-all as millions of dollars was drained in a frenzy of copycat hacks.
Many of those that jumped on the band wagon were good samaritans stepping in to preserve funds until the exploit was fixed. So far $32.6 million worth of funds have been returned from 41 separate accounts. It's a nice twist to a story that would have left the Nomad team totally devastated.
The recovery process has so far returned $32 million in funds
Safety Over FormalismWhen we decided not to include light clients in Nomad’s design, we also gave up formal security. While this decision had tremendous benefits for simplicity and operating cost, we had to accept that Nomad would not be provably secure. Nomad is designed to be secure in practice.
They sacrificed on security for cost and simplicity, and it cost them. One errant line of code and the bridge was drained in its entirety.
At scallop we are designing our own bridge, and make no sacrifices on security. Having our own dedicated blockchain provides watertight security, and not relying on third party bridges reduces the risk of being targeted by hackers looking for a lucrative score.
The unique part of this story is that good samaritans stepped in and have returned a chunk of the stolen funds. Crypto is unique in that sense, and this is testament to the strong communities that make up the myriad ecosystems in the space.