Arsablog

The vulnerability in Arbitrom’s network codes was identified and fixed

با گزارش یک هکر باگ موجود در به‌روز رسانی نیتر آربیتروم برطرف شد

Arbitrum, one of the most popular Layer 2 solutions of the Ethereum network, three days ago rewarded a white hat hacker with 400 Ether units, equivalent to $560,000, for finding a critical vulnerability in its code.

According to Blockchain Homeland and quoted by Cryptopotito, this white hat hacker who works on Twitter under the name Riptide noted that he found vulnerabilities in smart contracts written in Solidity language; Multi-million dollar vulnerabilities that could potentially affect anyone using Arbitrum’s network.

Arbitrum survived a multi-million dollar loss

A few weeks before the Arbitrum Network Nitro update code was released, the hacker thoroughly reviewed the code and reviewed the related smart contracts to find potential bugs.

However, after this update, he noticed some errors that hindered the proper functioning of the Arbitrum Bridge. After further investigations, this hacker realized that Arbitrum’s inbox sequencer is delayed.

Riptide said in this regard:

A client can send a message to the sequencer by signing and publishing a layer one transaction to the arbitrage delay inbox. This feature is mostly used to deposit Ethereum or tokens through a bridge.

After re-examining the smart contract, he realized that there is a bug in the inbox sequencer that any hacker can steal millions of dollars of Ethereum deposited from layer 1 to layer 2.

However, Riptide decided to report the discovered bug to Arbitrum and accept the $2 million reward that the solution gives to white hat hackers for discovering critical bugs. But surprisingly, Arbitrum paid only 400 Ether units to this hacker. In response to this incident, Riptide claimed that the importance of the discovered bug has no match with the payment figure.

Riptide's tweet
Source: Twitter

white hat hackers; A profitable business in the field of digital currency

Reviewing the code of various projects in the cryptocurrency space is very important. Over recent years, various projects have announced rewards to white hat hackers who find potential vulnerabilities in their code or smart contract.

For example, in mid-February, Coinbase paid a $250,000 reward to a hacker named Tree of Alpha. This hacker had found an important vulnerability in the advanced trading section of the Coinbase exchange and saved the exchange from a loss of several billion dollars.

At that time, Tree of Alpha thanked Coinbase for the payment and stated that this money could help him in his retirement. However, Riptide believes the higher reward could deter more gray hat hackers from exploiting the vulnerabilities.

According to the previous report of Blockchain Homeland, a hacker named Jay Saurik Freeman, who is currently working with the decentralized VPN Orchid protocol and is very famous in the field of jailbreaking the iOS operating system, not long ago after discovering an important bug in the Optimism network, more than 2 million Received bonus dollars.

source

Leave a Reply

Your email address will not be published.