Sky Mavis Release Report On $600 Million Ronin Exploit With Future Roadmap and Validator Action Plan

Sky Mavis Release Report

Welcome back to the Tribe! In this post we are discussing the Sky Mavis Release Report over the recent Ronin exploit.

Nothing should be considered investment or financial advice. Enjoy the ride!

Sky Mavis Release Report

Nearly a month after the biggest exploit in decentralized finance history, the Sky Mavis team has released an updated post-mortem audit on the massive $600 million hack on the Ronin Bridge.

The roadmap explains the team’s plan to redesign the sidechain, boost security protocols, and launch a bug bounty program. Also, the report gives further insight into how the alleged North Korean cybercriminal group Lazarus deployed the attack and compromised the protocol.

Ronin Plans to Increase Network Validators To 100 ASAP

The latest post-mortem report from Sky Mavis explains that the suspected hacker group Lazarus gained access to the Ronin bridge through an advanced spear-phishing attack on a company employee. 

After compromising the unnamed employee’s device, the group supposedly gained access to the company’s IT system, and subsequently, the validator nodes needed to deploy the mindboggling exploit. 

Moving forward, the team has released a roadmap geared towards rebuilding the protocol and restoring user confidence in Ronin. Among the chief points in the roadmap, Sky Mavis plans to increase the validator nodes from nine to 11. The network will reportedly add the three extra nodes in the coming weeks. 

A three-month timeline has also been set to further boost the validator number to 21. In the long term, the team hopes to have more than 100 validators to ensure such an event does not repeat itself.

Other points on the roadmap include:

  • Continuously working with top tier security experts to avoid lingering threats
  • Implement Stricter Internal Procedures
  • Conduct Audits
  • Create a Zero-Trust Organization
  • Launch Bug Bounty
  • ISO27001 and other security-related certifications. 

Furthermore, the report explains that a four-point checklist has been created to guide Ronin’s redeployment. The checklist includes up upgrade on bridge contracts, a new backend, a validator dashboard for verifying larger transaction events, and migrating pending withdrawals.

The $600 Million Ronin Hack

During the last week of March 2022, $600 million in digital assets were stolen from the Ronin network. Ronin operates as a sidechain built by the Sky Mavis team and is popular for powering one of the biggest blockchain games – Axie Infinity. 

As San Fransisco Tribe previously reported, 173,600 in Ether was stolen along with around 25.5 million in Circle’s USDC stablecoin. Since the hack occurred, portions of the funds have been funneled through the mixer protocol Tornado Cash in an attempt to obscure the source of the funds. 

Regarding the identity of the hackers, blockchain security firm Chainalysis and primarily the US Treasury Department claim that Lazarus, a notorious North Korean hacker group, was behind the massive exploit on Ronin’s bridge.

Authorities have since blacklisted wallets suspected to be controlled by the group and added said wallet addresses to the list of sanctions addresses.

The world’s leading cryptocurrency exchange Binance also reportedly recovered over $5 million of the stolen digital asset earlier in April 2022. CEO Changpeng Zhao confirmed the news and the official statement said the funds were found and frozen in more than 80 accounts on the exchange.

Other News – 21Shares and ByteTree Launch ETF

The first-ever Bitcoin x Gold exchange-traded product was launched by a collaboration between ETP issuer 21 Shares and ByteTree, an asset management heavyweight.

Read more here…

Sky Mavis Release Report News

Thanks for reading our post on the Sky Mavis Release Report over the exploit on the Ronin chain.

Make sure to follow our Twitter to stay up-to-date on all things crypto!

Cheers

sec sues crypto exchange binance

sec sues crypto exchange binance. Is this the lawsuit we have been waiting for or is the SEC going beyond their power

Latest Cryptocurrency Market Developments