• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

Ronin Bridge Exploit of $10 Million Caused by Faulty Upgrade Script — Verichains

user avatar

by Giorgi Kostiuk

2 years ago

  1. Cause of the Vulnerability
  2. How the Attack Happened
  3. Consequences and Resolution


    4. The $10 million Ronin bridge exploit on August 6 was caused by a faulty upgrade deployment script, according to blockchain security firm Verichains.

    Cause of the Vulnerability

    The upgrade reduced the voting threshold for validators to zero, allowing any user to withdraw from the bridge without a signature. Verichains states that the error occurred due to the incorrect initialization of the totalWeight variable.

    How the Attack Happened

    The attacker attempted to exploit this flaw but was front-run by an MEV bot, which actually carried out the attack, probably unintentionally. The bot’s owner later returned most of the funds to the Ronin team.

    Consequences and Resolution

    Verichains’ analysis reveals the risks of interacting with upgradeable smart contracts. The network could have lost the full amount had the attacker paid more in gas and thus avoided the front-run.

    Due to the faulty upgrade script, Ronin bridge users were able to withdraw funds without validator signatures. This incident highlights the potential risks when dealing with upgradeable smart contracts.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

Ethereum's Price Experiences Drop and Stabilization.

chest

Ethereum price has started a fresh decline, trading below key levels and consolidating above 2,175.

user avatarTando Nkube

WLFI Token Price Declines Amidst Controversy

chest

The price of World Liberty Financial (WLFI) tokens has significantly declined, dropping below $0.008 and losing over 20% of its value due to growing controversies surrounding the project.

user avatarKofi Adjeman

World Liberty Financial Faces Liquidity Concerns

chest

World Liberty Financial (WLFI) is facing scrutiny due to its financial practices, having deposited nearly $2 billion in tokens into the Dolomite lending protocol and borrowed over $31 million in stablecoins, raising liquidity concerns.

user avatarNguyen Van Long

Justin Sun Accuses World Liberty Financial of Deception

chest

Justin Sun accuses World Liberty Financial of having a backdoor in its smart contract, allowing the team to freeze user funds without warning.

user avatarSatoshi Nakamura

Brian Armstrong Supports Clarity Act Amid Legislative Push

chest

Brian Armstrong, CEO of Coinbase, publicly supports the Digital Asset Market Clarity Act of 2025, urging Congress to pass it.

user avatarJesper Sørensen

HYPE Token Experiences Major Price Surge Amid Market Trends

chest

HYPE token has surged over 65% year-to-date and nearly 200% over the past year, reflecting strong market performance amid uncertainties.

user avatarLucas Weissmann

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.