One of the most popular cross-blockchain bridges may have been the victim of a hack worth over $250 million on Wednesday.
In a tweet, the project’s official Twitter handle confirmed that the bridge is currently down while the team investigates a potential exploit, and the official website simply reads “Portal is Temporarily Unavailable.”
On-chain analysts called attention to a 80,000 ETH transaction from wormhole to an address currently in possession of over $250 million worth of ETH.
In a tweet, prominent pseudonymous Paradigm security researcher “samczsun” noted that the Wormhole team has reached out to the exploiter’s address on the Ethereum network, offering a $10 million bounty for returning the funds.
— samczsun (@samczsun) February 2, 2022
The hack has raised alarm in DeFi circles, as it now means that ETH that has been bridged to Solana may be unbacked.
Cross-blockchain bridges often work by taking an asset, such as ETH, and locking it in a contract to issue a parallel asset on the bridged chain.
It is not immediately clear what the ramifications for Solana lending markets and other protocols might be if the ETH issued by Wormhole cannot be bridged back to the Ethereum main chain and is now valueless.
Ironically, in a Reddit post in January, Ethereum co-founder Vitalik Buterin argued that bridges will not be popular in the future, due in part to risks to bridged asset backing:
My argument for why the future will be *multi-chain*, but it will not be *cross-chain*: there are fundamental limits to the security of bridges that hop across multiple “zones of sovereignty”. From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b
— vitalik.eth (@VitalikButerin) January 7, 2022
CoinDesk has reached out to Certus One and others for comment and will update with their response.
This is a developing story and will be updated.