In what now seems like a weekly event, the latest big crypto hack has made off with nearly $200 million in value from Nomad, a so-called cross-chain token bridge. These bridges are designed to allow people to transfer crypto tokens between different blockchains and, without getting too far into the weeds, work by locking up tokens in one chain and re-issuing them in a ‘wrapped’ form on another: this process is called a smart contract.
Clearly not too smart, though, as Nomad has now acknowledged the hack and frenzied free-for-all. In a statement to Coindesk (opens in new tab) the company said: “An investigation is ongoing and leading firms for blockchain intelligence and forensics have been retained. We have notified law enforcement and are working around the clock to address the situation and provide timely updates. Our goal is to identify the accounts involved and to trace and recover the funds.”
So, what happened? Essentially Nomad pushed an update that made it easy for users to fake transactions and withdraw funds from the bridge that didn’t belong to them. This was not an exploit that required elite skills to take advantage of and, when it was noticed, hackers descended en masse and stole almost everything being held by Nomad’s Ethereum Mainnet smart contract.
Security researcher Samczsun, who works for the crypto investment firm Paradigm, explains the exploit in the below tweet thread, unrolled here (opens in new tab).
2/ It all started when @officer_cia shared @spreekaway’s tweet in the ETHSecurity Telegram channel. Although I had no idea what was going on at the time, just the sheer volume of assets leaving the bridge was clearly a bad sign pic.twitter.com/klHNfthVvjAugust 1, 2022
Essentially, the system had defaulted to accepting every message as ‘proven’ by default: “It turns out that during a routine upgrade, the Nomad team initialized the trusted root to be 0x00. To be clear, using zero values as initialization values is a common practice. Unfortunately, in this case it had a tiny side effect of auto-proving every message.”
That is, the process should be checking that every message is proven by the prover. This is a pretty foundational function. Nomad wasn’t doing it, allowing transactions to be faked, and the hordes descended.
“This is why the hack was so chaotic,” writes Samczun. “You didn’t need to know about Solidity [a crypto programming language] or Merkle Trees [a data structure to verify transactions] or anything like that. All you had to do was find a transaction that worked, find/replace the other person’s address with yours, and then re-broadcast it.”
Ultimately this came down to what should have been a run-of-the-mill update leaving the back door wide open. “Attackers abused this to copy/paste transactions,” writes Samczun, “and quickly drained the bridge in a frenzied free-for-all.”
Crypto being crypto, which is to say a massive interlinked ecosystem (or stack of dominoes), it gets even worse. Nomad is or was used as a canonical or optimistic bridge (opens in new tab), meaning that many smaller and new blockchain companies use them to start playing a role in the wider crypto ecosystem.
Nomad has been chosen as the canonical bridge for @EvmosOrg, @MoonbeamNetwork, and @milkomeda_com, you need to get all of your assets off these chains immediately.August 1, 2022
Moonbeam suspended its service temporarily but reckons it’s largely unaffected (opens in new tab), while Milkomeda says “our hearts go out to anybody affected (opens in new tab)” which I’m sure is a comfort. Evmos seems the worst-affected and is “brainstorming community solutions (opens in new tab)” which is certainly a good euphemism for ‘we’re fucked’.
A mere five days ago Nomad raised $22.4 million in a seed round, investors in which included the massive crypto companies Coinbase Ventures, Crypto.com and OpenSea. This valued Nomad at around $225 million. How to lose a lot of money fast, eh.
Crypto almost seems like a synonym for scandal at the moment, with the sector’s claims of security being turned over again and again by hacking groups. In its way Nomad is one of the most worrying of the lot, because it wasn’t sophisticated: this looks like it can ultimately be attributed to human error.
This year has already seen the biggest hack in crypto history, when $600 million of crypto value was siphoned out of Axie Infinity (the CEO of the company also transferred $3 million out before making the news public (opens in new tab)). This was also a bridge hack, as was a $300 million hack on the Wormhole protocol (opens in new tab) that was catastrophic for the Solana blockchain.
Yes: we’re getting into word salad again. It’s also worth bearing in mind that all the above amounts are crypto amounts and not hard cash. A lot of money is being lost but it can be hard to be exact: estimates of the total value lost to hackers by Nomad go from $45 million to $200 million.
“The goal of Nomad is to provide the connective tissue to enable users and developers to interact securely in a multi-chain world” reads the cross-chain bridge’s documentation (emphasis theirs). Nomad sold people on the idea its protocol could offer more security for crypto transactions than the competition. Perhaps it’s Nomad’s time to move on.