Hacker collects $2 million bounty after discovering fatal flaw in Ethereum rollup


A hacker has walked away with a $2 million bug bounty after discovering an alarming vulnerability on the Ethereum network. Had black hat hackers found the flaw first, they could have exploited it to drain billions of dollars worth of ETH. Instead, a “grey hat” hacker popularly known as Saurik notified the Ethereum team of the vulnerability and received a sizeable reward for doing so.

Finding the vulnerability on Ethereum

Hacker Saurik found the vulnerability on Optimism, an Ethereum Layer 2 rollup solution. The hacker himself published a report on how he found the flaw in the solution. Searching nano payment logs on the rollup, he found a vulnerability that would have allowed an attacker to withdraw a “virtually unlimited” amount of ETH from the solution without restriction.

It was similar to the attack method deployed on the popular smart contract blockchain Solana that led to the $353 million hack of Wormhole. Like Wormhole, Optimism relies on what is known as “wrapped ether.” Users deposit their ether into the smart contract, where it serves as collateral, and are issued tokens that exist only on Optimism’s network. They then use the nano payment protocol to transact faster.

ETH recovers above $3,100 | Source: ETHUSD on TradingView.com

Saurik, known for his work on jailbroken iOS, had confirmed the vulnerability. However, instead of exploiting it for personal gain, the self-proclaimed grey hat hacker reported it to the Optimism developers. In return, Saurik was rewarded with a $2 million bounty for his altruism, which helped make the network and its Layer 2 rollup more secure for users.

Debunking popular rumors

After news of the vulnerability and the subsequent bounty payment broke, rumors circulated about what an attacker could have done with it had they chosen not to report it to the developers. The most popular of these was that an attacker could have drained an unlimited amount of ETH from the network. While this has some merit, it is mostly wrong.

First, the vulnerability was in a Layer 2 rollup solution, Optimism, not in Ethereum itself. While the protocol runs on top of the Ethereum network, the network does not depend on it. This means the vulnerability was confined to the protocol alone. While an attacker could have exploited it to withdraw an “unlimited” amount of ETH, they could only have taken the balance actually available at the Optimism address.

Still, it’s no secret that if a black hat hacker had found the vulnerability, the results would have been devastating for users of the Layer 2 protocol. This event speaks volumes about the usefulness of bug bounties. While the rewards for these bounties may seem excessive at first, one has to consider the alternative if there were no incentive for hackers to disclose their findings. White hat hackers undoubtedly help save millions, if not billions, of dollars every year.

Featured image from Gagadget, chart from TradingView.com

