Paradigm researcher explains the reason for the BNB Chain hack
The expert said that a critical vulnerability in BSC Token Hub allowed an attacker to conduct a double-spending attack

07.10.2022 - 15:00
What’s new? A researcher at crypto investment firm Paradigm under the nickname samczsun described how the BNB Chain hack took place on October 7. The expert reported that a critical vulnerability allowed an attacker to “convince” the BSC Token Hub cross-chain bridge to send them 1 million BNB tokens twice.
Five hours ago, an attacker stole 2 million BNB (~$566M USD) from the Binance Bridge. During that time, I've been working closely with multiple parties to triage and resolve this issue. Here's how it all went down. pic.twitter.com/E0885Dc3lW — samczsun (@samczsun) October 6, 2022
Details of the hack. samczsun compared the hacker's transactions to legitimate withdrawals. The first thing he noticed was that the block height used by the attacker was always the same — 110217401. The height used in legitimate withdrawals was much higher.
The researcher also noticed that the "proof" of the transaction was much shorter than that of legitimate transactions. These two facts led samczsun to believe that the attacker had found a way to forge the proof for this particular block, 110217401.
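The two signals samczsun spotted, a proof pinned to one old block height and a proof much shorter than usual, can be checked automatically before a bridge pays out. The sketch below is an added example, not code from samczsun or BNB Chain; the record fields, the thresholds and every sample value except the height 110217401 are assumptions constructed for illustration.

```python
from collections import Counter
from statistics import median

# Constructed records, not real chain data. Only the height 110217401 comes
# from the article; tx names, other heights and proof sizes are made up.
BASELINE = [  # proofs from withdrawals already known to be legitimate
    {"tx": "ok-1", "proof_height": 270_000_110, "proof_bytes": 2_950},
    {"tx": "ok-2", "proof_height": 270_000_480, "proof_bytes": 3_010},
    {"tx": "ok-3", "proof_height": 270_001_900, "proof_bytes": 2_880},
]
INCOMING = [
    {"tx": "in-1", "proof_height": 270_002_300, "proof_bytes": 2_990},
    {"tx": "in-2", "proof_height": 110_217_401, "proof_bytes": 1_100},
    {"tx": "in-3", "proof_height": 110_217_401, "proof_bytes": 1_100},
    {"tx": "in-4", "proof_height": 270_002_950, "proof_bytes": 3_040},
]

def review_withdrawals(incoming, baseline, chain_height,
                       max_lag=500_000, min_size_ratio=0.6):
    """Map tx -> list of anomaly signals; txs with no signal are omitted."""
    typical_size = median(r["proof_bytes"] for r in baseline)
    height_uses = Counter(r["proof_height"] for r in incoming)
    findings = {}
    for rec in incoming:
        signals = []
        # Proof refers to a block far behind the current chain tip.
        if chain_height - rec["proof_height"] > max_lag:
            signals.append("stale_height")
        # Several withdrawals in the batch are proven against one height.
        if height_uses[rec["proof_height"]] > 1:
            signals.append("reused_height")
        # Proof is much smaller than known-good proofs.
        if rec["proof_bytes"] < min_size_ratio * typical_size:
            signals.append("short_proof")
        if signals:
            findings[rec["tx"]] = signals
    return findings

def hold_for_review(findings, min_signals=2):
    """Withdrawals with several independent signals are paused, not paid."""
    return sorted(tx for tx, s in findings.items() if len(s) >= min_signals)

if __name__ == "__main__":
    found = review_withdrawals(INCOMING, BASELINE, chain_height=270_003_000)
    for tx in hold_for_review(found):
        print(tx, found[tx])
```

A single signal on its own, such as two legitimate withdrawals proven against the same block, does not trigger a hold; the combination of signals does.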
Binance has a special precompiled contract used to verify IAVL trees. samczsun explained that the verification specifies a list of “operations.” The BSC bridge usually asks for two of them: “iavl:v” and “multistore.” In his thread, the expert cited their implementation on GitHub.
To forge a proof, both operations must be successful and the last operation (the multistore) must return a fixed value (hash of the specified block: 110217401).
According to the expert, such an implementation suggests that the root hash is very difficult to manipulate. In this case, the input value must be equal to one of the identifiers. The input value of the "multistore" operation is the output value of the "iavl:v" operation. The attacker probably managed to retain control of the root variable by passing the value check.
There was a bug in the BSC Token Hub bridge proof-checking method that allowed the hacker to forge arbitrary messages. samczsun noted that the attacker forged only two messages, but the damage could have been much more serious.
What is the BNB Smart Chain? It is the world's largest blockchain by the number of transactions and users, created by cryptocurrency exchange Binance in 2022. More than 1300 decentralized applications (dApps) are built on the platform. The network has a native BNB token. In June, BNB Chain announced an increase in decentralization and blockchain bandwidth, as well as more validators.
As of October 7 at 14:15 UTC, BNB is trading at $283.1, down 3.25% overnight.
At the time of publication, BNB Chain was back up and validators had conducted code updates.
📢 BNB Smart Chain (BSC) is running ok from 20+ mins ago. The validators are confirming their status and the community infrastructure are upgrading as well. — BNB Chain (@BNBCHAIN) October 7, 2022