{"id":438591,"date":"2022-04-28T07:25:25","date_gmt":"2022-04-28T04:25:25","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/plan-for-1m-bug-bounties-and-double-the-nodes-in-wake-of-600m-ronin-hack\/"},"modified":"2022-04-28T07:25:25","modified_gmt":"2022-04-28T04:25:25","slug":"plan-for-1m-bug-bounties-and-double-the-nodes-in-wake-of-600m-ronin-hack","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/plan-for-1m-bug-bounties-and-double-the-nodes-in-wake-of-600m-ronin-hack\/","title":{"rendered":"# Plan for $1M bug bounties and double the nodes in wake of $600M Ronin hack"},"content":{"rendered":"<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Plan_for_1M_bug_bounties_and_double_the_nodes_in_wake_of_600M_Ronin_hack_%E2%80%9C\"><\/span>&#8221; Plan for $1M bug bounties and double the nodes in wake of $600M Ronin hack &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDQvNTJlN2Y3YjUtYjg0OS00YWIwLWI3ZDYtZmFiZTg3YmEyNjI3LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-2a0745c6>The Ronin Network and Sky Mavis have vowed to upgrade their smart contracts, offer lucrative bug bounties and ramp up security following the $600 million hack late last
month. <\/p>\n<p>As Cointelegraph previously reported, the Ethereum sidechain developed for the popular NFT game Axie Infinity was the victim of an exploit for 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) worth more than $612 million at the time. <\/p>\n<p>Earlier this month the Federal Bureau of Investigation (FBI) attributed the attack to the North Korea-based, state-sponsored hacking group Lazarus, as it fired off a warning to other crypto and blockchain organizations. <\/p>\n<p>Ronin announced its platform changes via a post-mortem report published yesterday, noting that all user funds are in the process of being restored as it vowed to make sure this \u201cnever happens again.\u201d<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We have put together a postmortem regarding the Ronin exploit that occurred on March 23rd.<\/p>\n<p>\u2022 Why it happened<br \/>\u2022 What we&#8217;re doing to make sure this never happens again<br \/>\u2022 Ronin bridge re-opening update <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/FfwCtCG84E\">https:\/\/t.co\/FfwCtCG84E<\/a><\/p>\n<p>\u2014 Ronin (@Ronin_Network) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/Ronin_Network\/status\/1519322899135537152?ref_src=twsrc%5Etfw\">April 27, 2022<\/a><\/p><\/blockquote>\n<h3><span class=\"ez-toc-section\" id=\"The_hack_run_down\"><\/span>The hack run down <span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The hack was the
result of a spear phishing attack on a former employee of Sky Mavis (the developer of Axie Infinity). The bad actor was able to leverage the employee\u2019s credentials to access Sky Mavis\u2019s four validator nodes, out of a total of nine in the Axie\/Ronin ecosystem. <\/p>\n<p>This by itself was not enough to do any damage, but \u201cthe attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.\u201d<\/p>\n<p>\u201cThis traces back to November 2021 when Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load. The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the allow list access was not revoked,\u201d the report reads. <\/p>\n<p>Following the hack, big changes are being implemented at both Sky Mavis and the Ronin Network. <\/p>\n<h3><span class=\"ez-toc-section\" id=\"Ronin\"><\/span>Ronin<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The Ronin Network hopes to have its bridge open again by mid to late May, with Binance providing withdrawal and deposit infrastructure for Axie users until then. <\/p>\n<p>The team is about 80% of the way through upgrading the Ronin bridge smart contracts. It will also be reworking the backend, migrating all pending withdrawals and launching a validator dashboard that \u201callows for approving large transactions and adding\/removing new validators.\u201d<\/p>\n<blockquote><p>\u201cThe Ronin Network bridge is currently being redesigned and will open once we are confident that it can stand the test of time.
We initially expected to be able to deploy the upgrade by the end of April, but this is not a process that we can afford to rush.\u201d<\/p><\/blockquote>\n<h3><span class=\"ez-toc-section\" id=\"Sky_Mavis\"><\/span>Sky Mavis<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Sky Mavis will ramp up its security measures by seeking the help of \u201ctop tier security experts,\u201d conducting contract audits and implementing stricter internal procedures such as training courses to \u201ccombat external threats.\u201d<\/p>\n<p>Notably, it will also be significantly upping its node count to help decentralize the project. Having already increased from nine to 11, Sky Mavis intends to get that number up to 21 within three months. Longer-term, the project is eyeing more than 100 nodes. <\/p>\n<p>Sky Mavis will also be launching bug bounties of up to $1 million for any white hat hackers who are able to find further vulnerabilities. <\/p>\n<blockquote><p>\u201cWe recognize the importance and value of security researchers\u2019 efforts in helping keep our community safe. Sky Mavis is offering bounties of up to $1 million to encourage responsible disclosure of security vulnerabilities.\u201d<\/p><\/blockquote>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/plan-for-1m-bug-bounties-and-double-the-nodes-in-wake-of-600m-ronin-hack\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Plan for $1M bug bounties and double the nodes in wake of $600M Ronin hack &#8220; The Ronin Network and Sky Mavis have vowed to upgrade their smart contracts, offer lucrative bug bounties and ramp up security following the $600 million hack late last month.
As Cointelegraph previously reported, the Ethereum sidechain developed for&#8230;<\/p>\n","protected":false},"author":1,"featured_media":438592,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDQvNTJlN2Y3YjUtYjg0OS00YWIwLWI3ZDYtZmFiZTg3YmEyNjI3LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,91083,74882,95118,80,10751,70944],"class_list":["post-438591","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-blockchain-game","tag-hacks","tag-nft","tag-games","tag-gaming","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/438591","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=438591"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/438591\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/438592"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=438591"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=438591"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=438591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}