What does Binance Chain’s temporary suspension mean and what is next? Find out more.
Today, transactions on Binance Smart Chain (BNB) were temporarily suspended. After researchers noticed suspicious activity from the whale wallet containing more than $500M of BNB, network participants and others took action to suspend it temporarily. To stop this incident, Binance’s validator group took coordinated actions at 9:00 PM EDT.
What happened?
The initial temporary suspension of the network was only temporary. Security researchers discovered unusual activity on the chain from an unknown source, which led to it being permanently suspended. The hacker managed to fool the Binance Bridge and release two million BNB tokens totaling more than $500M.
Binance CEO Changpeng Zhao was swift to act and notify the public what’s happening.
Binance Bridge
Cross-chain bridge works in the same way as other blockchain bridges. It allows users to wrap native Binance tokens and use them outside their local chain. The practical way to use the cross-chain bridge is that users deposit the required amount of BNB and receive a wrap version of their token which can be used on any other chain. The vulnerability of blockchain bridges has been demonstrated. In 2022, 3 different networks have had their bridges exploited to large amounts.
How to handle the incident
Participants in the network and third-party security partners realized the hacker attempted to seize the funds and took immediate and decisive actions to stop it. The hacker has now been stopped from performing any more malicious transactions. While this was a great way to prevent further damage, a significant portion of crypto-community saw it as an obvious breach in immutability, decentralization and other key features of a Blockchain network.
Chain centralisation has been a topic of contention in crypto circles. The focus is now on risks of centralization in Proof-of Stake consensus. This is due to hosting validator nodes in centralized cloud services following the Ethereum Merge.
What’s the Damage
CZ stated that user funds will remain intact, mentioning that the exploit resulted in “Extra BNB.” With a few hours of downtime and a slight dip in the price of BNB, we can argue that the damage was relatively limited.
Zhao explained further that Zhao managed to extract tokens worth $100M before the incident. This amounts roughly 25% of the token burn. $7M of the total has already been frozen with the help of the network’s internal and external security partners, according to an official BNB chain Reddit post.
What’s Next
The BNB chain team quickly developed a hotfix, and released a hard fork. By blacklisting related addresses, this will prevent hacker accounts making transactions and disable cross-chain transactions between BNB beacon chain (and BNB smart) chains. It is located right at the affected bridge. BSC node runners will update clients to the most recent BSC version 1.1.5 Github release.
The BNB chain appears to be running smoothly since the upgrade of the network, but some users reported difficulties with transactions. As more of the network’s nodes upgrade, it is likely that things will get better.