Sky Mavis reports that the Ronin Network behind the company’s Axie Infinity game has been hacked, stealing Ethereum 173,600 ETH ($ 594.6 million worth) and US $ 25.5 million, for a total of US $ 620 million.

If Sky Mavis, the maker of the blockchain game Axie Infinity, couldn’t recover the money, it would have a huge impact on the company’s overall finances and would be a black star for blockchain-based security. The key to putting the game on the blockchain is that the “Ronin Network” of the Layer 2 network is required to have better security.

Trading between Ronin Bridge and Katana Dex has been suspended. For now, it means that players who have money on the network will not be able to access it right away. The stolen funds are only part of the assets held by Sky Mavis and its Axie Infinity Decentralized Autonomous Organization (DAO).

This hack is likely to be considered one of the biggest hacks in crypto history, at least according to Comparitech data.

According to the company, the Ronin Network itself had a security breach. Before dawn on the 29th, the company was invaded by Sky Mavis’ Ronin Varidata node and Axie DAO Varidata node on March 23, and the two transactions were worth 173,600 ETH (currently worth $ 594.6 million) from Ronin Bridge. ) And found that $ 25.5 million was leaked.

So far, the stolen cryptocurrencies have not been sent from the attacking account.

A validator node is an external entity that validates blockchain information and compares each other’s notes to ensure that the blockchain information is accurate. Blockchain is (believed to be) a secure and transparent digital ledger, and Ethereum is one of the largest networks based on this technology. Ethereum is a blockchain protocol as well as the name of a cryptocurrency based on that protocol.

Sky Mavis can use the blockchain to verify the uniqueness of NFTs (Non-Fungible Tokens) and uniquely authenticate digital items such as Axie Creature for use with Axie Infinity. The NFT gained explosive popularity last year, allowing ky Mavis to raise $ 152 million in October at a valuation of $ 3 billion. However, blockchain games have been criticized for being full of scams, rug pulls (pool escape scams in DeFi), and other types of anti-consumer scams, and are now the source of the industry.

Ethereum also has its drawbacks. Transactions on Ethereum are slow and consume a lot of energy because they use many computers around the world for verification work. To mitigate that, companies like Sky Mavis have created Layer 2 solutions like the Ronin Network. This network is much faster, cheaper, and has less environmental impact than trading on Ethereum itself.

However, this off-chain process carries risks, as Sky Mavis learned. Sky Mavis has set up a network of compute nodes to validate transactions on the Ronin Network, but if a hacker can control that network 51%, he will create a fake transaction and store it on the network. You can steal money.

According to Sky Mavis, the attacker used a hacked private key to forge a fake drawer. Sky Mavis said it discovered the attack on the morning of the 29th after receiving reports from users that it was unable to withdraw 5,000 ETH from the Ronin Bridge.

Sky Mavis’ Ronin chain currently consists of nine validator nodes. Five of the nine validators need to be signed to recognize deposit and withdrawal events. The attacker gained control of Sky Mavis’s four Ronin validators and a third-party validator operated by Axie DAO.

Since the validator key method is set to decentralized, the attack vector is limited as in this case, but the attacker finds a backdoor from Sky Mavis’ degassing RPC node and uses it to use the Axie DAO Bali.

This dates back to November 2021 when Sky Mavis requested Axie DAO to help distribute free transactions due to the huge user load. Axie DAO has had the listed Sky Mavis sign various transactions on its behalf. It was discontinued in December 2021, but access to the permit list was not revoked.

Sky Mavis states that it will respond promptly when the incident is discovered and is actively defending against future attacks. To prevent short-term damage, the company raised the validator standard from 5 to 8.

The company also temporarily suspended the Ronin Bridge to make sure there were no more attack vectors left. Binance is also cautious, disabling the bridge to Ronin. The bridge will be opened at a later date if it is confirmed that no more funds will flow out.

Sky Mavis has also temporarily disabled Katana DEX because it is unable to make arbitrage transactions and deposit more funds into the Ronin Network. And because it can track transactions on the blockchain, it works with Chainalysis to monitor stolen funds.

The company says it works directly with various government agencies to help criminals be tried.

Originally, Sky Mavis set the validator reference value to 5 out of 9 because some nodes couldn’t keep up with the chain or stopped in sync. In the future, 8 out of 9 will be used as the standard value. The company will take the time to expand its Varidata set on a rapid schedule.

Most of the hacked money is still in the wallet of the alleged hacker.

According to the company, Ronin’s ETH and USDC deposits have flowed out of the bridge agreement. Sky Mavis said it is working with law enforcement agencies, forensic cryptanalysts and investors to ensure that there is no loss of user funds. All of AXS, RON and SLP on Ronin are now safe.