According to Axie Infinity’s official Discord and Ronin Network’s official Twitter thread, along with its Substack page, the Ronin bridge and Katana Dex have been halted after suffering an exploit for 173,600 Ethereum (ETH) and 25.5 million USD Coin (USDC), worth a combined $612 million at Tuesday’s prices. In a statement, its developers said they are “currently working with law enforcement officials, forensic cryptographers and our investors to make sure that all funds are recovered or reimbursed. All of the AXS, RON and SLP [tokens] on Ronin are safe right now.”
There has been a security breach on the Ronin Network.https://t.co/ktAp9w5qpP
— Ronin (@Ronin_Network) March 29, 2022
As told by Ronin developers, the attacker used hacked private keys in order to forge fake withdrawals, draining the funds from the Ronin bridge in just two transactions. More importantly, the hack occurred on March 23 but was only discovered on Tuesday after a user allegedly uncovered issues after failing to withdraw 5,000 in ETH from the Ronin bridge. At the time of publication, RON, Ronin’s primary governance token, has fallen nearly 20% to $1.88 in the past hour.
Sky Mavis’ Ronin chain currently consists of nine validator nodes, of which at least five signatures are needed to recognize a deposit or withdrawal event. The attacker managed to gain control over five private keys, consisting of Sky Mavis’s four Ronin validators and a third-party validator run by Axie Decentralized Autonomous Organization, or DAO. Obtaining unauthorized access to the latter was especially…