No user funds were lost as a result of the EVM scaling and bridge solution. The two $1 million bounties were awarded in the company’s native cryptocurrency AURORA and will be paid out in a year’s time. The ImmuneFi bug bounty platform handled the payments.
The vulnerability was identified on June 10 by security company Halborn and was revealed earlier today.
Aurora is a Layer 2 scaling solution and EVM-compatible bridge between the Layer 1 NEAR protocol and Ethereum. The initial vulnerability was caused by Aurora’s use of a separate ERC-20 (fungible token standard) known as NEP-141.
The bridge between the two chains is permissionless, which means that anybody may bridge over any token to any address without their knowledge.
An attacker may have produced a worthless NEP-141 token on NEAR, bridged it to Aurora, and then distributed it to unwitting victims. As a result, attackers would be able to “take ETH from Aurora addresses essentially for free,” according to the report. This is due to the bridge’s ability to charge the recipient or victim a fee denominated in ETH.
The second vulnerability was related to the bridge’s burning feature. Tokens are burnt on one chain and debited on the other when users bridge funds from one network to another.
An assailant may have staged a “fake burn event” without it really happening. This bogus event might then be used to take funds from the Ethereum locker, which is the Aurora bridge’s stored amount of ETH utilized for chain bridging.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Harold
CoinCu News
Will Bitcoin Crash?" seems to be one of the most controversial questions, as the price…
There’s always that one coin people wish they hadn’t overlooked. For many, Cosmos ($ATOM) is…
Cosmos Developer Interchain Foundation sold 3000 ETH from its ICO today, totaling 21,600 ETH sold…
George Town, Grand Cayman, 22nd November 2024, Chainwire
Inflation Warning by Vanguard highlights risks during Trump’s term, citing tariffs and tighter labor markets…
Clanker token trading volume hit $59.8M on Nov 21, accounting for 14.75% of PumpFun. Fee…
This website uses cookies.