Callisto Network
WebsiteSecurity DepartmentTwitter
  • Whitepaper
    • ๐Ÿ‡ฎ๐Ÿ‡นWhitepaper (ITA)
    • ๐Ÿ‡ฎ๐Ÿ‡ณWhitepaper (TELUGU)
    • ๐Ÿ‡ฎ๐Ÿ‡ณWhitepaper (HINDI)
    • ๐Ÿ‡จ๐Ÿ‡ณWhitepaper (CN Traditional)
    • ๐Ÿ‡ญ๐Ÿ‡ฐWhitepaper (CN Simplified)
    • ๐Ÿ‡ซ๐Ÿ‡ทWhitepaper (FR)
    • ๐Ÿ‡ต๐Ÿ‡ญWhitepaper (PH)
  • ๐Ÿ“ŒStrategic Plan
  • Callisto Network Vision
  • ๐Ÿš€Callisto Network Progress Tracker
  • ๐Ÿ—“๏ธEcosystem Reports
    • Callisto Monthly - February 2023
    • Callisto Monthly - January 2023
      • ๐Ÿ‡ฎ๐Ÿ‡นCallisto Monthly - January 2023 (ITA)
      • ๐Ÿ‡ซ๐Ÿ‡ทCallisto Monthly - January 2023 (FR)
      • ๐Ÿ‡ฎ๐Ÿ‡ณCallisto Monthly - January 2023 (TELUGU)
    • Callisto Monthly - December 2022
      • ๐Ÿ‡ฎ๐Ÿ‡นCallisto Monthly - December 2022 (ITA)
      • ๐Ÿ‡ซ๐Ÿ‡ทCallisto Monthly - December 2022 (FR)
      • ๐Ÿ‡ต๐Ÿ‡ญCallisto Monthly - December 2022 (PHI)
    • Callisto Monthly - November 2022
      • ๐Ÿ‡ซ๐Ÿ‡ทCallisto Monthly - November 2022 (FR)
      • ๐Ÿ‡ฎ๐Ÿ‡นCallisto Monthly - November 2022 (ITA)
      • ๐Ÿ‡ฎ๐Ÿ‡ณCallisto Monthly - November 2022 (TELEGU)
    • Callisto Monthly - October 2022
      • ๐Ÿ‡ฎ๐Ÿ‡นCallisto Monthly - October 2022 (ITA)
      • ๐Ÿ‡ซ๐Ÿ‡ทCallisto Monthly - October 2022 (FR)
      • ๐Ÿ‡ต๐Ÿ‡ญCallisto Monthly - October 2022 (PHI)
      • ๐Ÿ‡จ๐Ÿ‡ณCallisto Monthly - October 2022 (CN Simplified)
      • ๐Ÿ‡ญ๐Ÿ‡ฐCallisto Monthly - October 2022 (CN Traditional)
      • ๐Ÿ‡ท๐Ÿ‡บMonthly - October 2022 (RU)
    • Callisto Monthly - September 2022
      • ๐Ÿ‡ฎ๐Ÿ‡นCallisto Monthly - September 2022 (ITA)
      • ๐Ÿ‡ซ๐Ÿ‡ทCallisto Monthly - September 2022 (FR)
      • ๐Ÿ‡ต๐Ÿ‡ญCallisto Monthly - September 2022 (PHI)
      • ๐Ÿ‡จ๐Ÿ‡ณCallisto Monthly - September 2022 (CN Simplified)
      • ๐Ÿ‡ญ๐Ÿ‡ฐCallisto Monthly - September 2022 (CN Traditional)
    • Callisto Monthly - August 2022
      • ๐Ÿ‡ฎ๐Ÿ‡นCallisto Monthly - August 2022 (ITA)
      • ๐Ÿ‡ซ๐Ÿ‡ทCallisto Monthly - August 2022 (FR)
      • ๐Ÿ‡ต๐Ÿ‡ญCallisto Monthly - August 2022 (PH)
    • Callisto Monthly - July 2022
      • ๐Ÿ‡ฎ๐Ÿ‡นCallisto Monthly - July 2022 (ITA)
    • Callisto Monthly - June 2022
    • Callisto Monthly - May 2022
    • Callisto Monthly - April 2022
    • Callisto Monthly - March 2022
  • Technologies
    • ๐Ÿ“ˆCallisto Dynamic Monetary Policy
      • Crypto-models To Overcome Inflation and Callisto Network's Approach
      • Skuld Hard Fork - Update On Progress
    • ๐ŸงŠCold Staking
      • Cold Staking And PoS Staking Comparison
    • ๐Ÿช™Wrapped Callisto (ccCLO)
    • ยฎ๏ธDexNS 2021
    • โ›๏ธProof of Work
      • ZPoW #1 - Exploiting The Block Time & Block Size
      • Callisto Network Introduces the Dynamic Gas Price
    • โ“‚๏ธCallisto Network Masternodes
    • ๐ŸŽ“Tutorials
      • Setting Up Metamask For Callisto Network
        • Update the RPC URL in MetaMask
      • How to buy Callisto with Your Credit Card
      • How to Run a Callisto Network Node?
      • Callisto Network Masternodes Set-up
    • ๐ŸŒCallisto Hub
    • ๐ŸงฉWeb 3.0 Infrastructure
    • ๐Ÿ”Chain Inspector
  • We Fund You!
    • ๐Ÿ’ฒWe Fund You!
      • We Fund You Award - 1st Edition
  • Security Department
    • ๐Ÿ”Auditing Department
      • Auditing Department Amendment v5
    • ๐Ÿ“–Documentation
      • ๐Ÿ›ก๏ธSecurity Department Best Practices
      • ๐Ÿช™ERC 223 Token Standard
        • ERC20 Standard Main Issue
      • ๐Ÿ–ผ๏ธCallistoNFT Standard
        • Roadmap
      • โœ–๏ธCross-Chain Bridges Security Model
    • Products & Services
      • ๐Ÿ”Security Audits For Smart Contracts
        • Mission: Securing The Smart Contracts Ecosystem
        • Trust and Smart Contracts: Code is the Limit
    • ๐ŸคVarious Contributions
      • Ethereum Classic
        • ECIP-1092 51attack solution: PirlGuard & Callisto proposal
      • Ethereum
        • Statement regarding Geth v1.10.8 split
      • EOS
        • Page 1Chintai (EOS resource exchange) low severity issue.
        • EOS congestion 9/13/2019 and EOSPlay hack
      • Ultimate solution to 51% attacks: amend the Nakamoto consensus
  • Hack Investigation Dept.
    • Hack Investigation Department
    • Helio Exploit
    • Binance Bridge Hack
    • TempleDAO's STAX Contract Hack Investigation
    • NFT Theft Analysis
    • AUDIUS Governance System Exploit Overview
    • LUNA โ€˜Hardforkโ€™ Review
  • One Earth, One Heart
    • ๐ŸŒŽOne Earth, One Heart
    • ๐Ÿ’šCallisto Charity Efforts
  • Community
    • ๐Ÿ“ฅCallisto Network Improvement Proposals
    • ๐Ÿ’ฌCallisto AMAs
      • Callisto Team's Ask Me Anything on 04/05/2023
      • Callisto Team's Ask Me Anything on 03/03/2023
      • Callisto Team's Welcome AMA on 10/11/2022
      • Callisto Team's Ask Me Anything on 10/10/2022
      • Callisto Security Team's Ask Me Anything on 02/09/2022
      • Callisto Team's Ask Me Anything on 28/07/2022
      • Dexaran's Ask Me Anything on 11/04/2022
    • ๐Ÿ“ŒGet Started
  • Callisto Enterprise
    • ๐Ÿช™Callisto Enterprise Token
      • Vision and Tokenomics
    • ๐Ÿ‘ฅTeam
      • Callisto Team Motivation System
  • In The Press
    • ๐ŸŸขCallisto Network
      • Ethereum, Ethereum Classic, Callisto Network, A Common History
      • Callisto Network: Three Years After Mainnet Launch
      • Czech Ethereum Killer
    • ๐Ÿ–ผ๏ธNFTs
      • Artist Creates And Then Destroys Art To Launch CallistoNFT
      • Security Network Develops New NFT Standard To Address ERC-721 Flaws
  • Miscellaneous
    • ๐ŸงฉMedia Kit
Powered by GitBook
On this page
  • Exploit overview
  • How crosschain bridges work?
  • What happened?
  • The root of the problem
  • Conclusions
  1. Hack Investigation Dept.

Binance Bridge Hack

PreviousHelio ExploitNextTempleDAO's STAX Contract Hack Investigation

Last updated 2 years ago

Exploit overview

On 6 October 2022 an attacker tricked Binance Bridge to issue 2M BNB (worth ~$550M at that moment). The attacker then used the โ€œprintedโ€ BNB as a collateral to borrow multiple other assets and transferred them to other EVM-compatible chains. Approximately $130M worth of assets were moved out. The rest were frozen.

How crosschain bridges work?

Assume that we have two chains (Chain_A and Chain_B). Both chains implement smart-contracts. There is a โ€œcrosschain bridgeโ€ between chains A and B that allows users to swap asset_A from chain_A to chain_B.

In fact, the โ€œcrosschain bridgeโ€ consists of three main components:

  • Smart-contract on chain_A โ€” this contract accepts deposits of asset_A on chain_A and emits an event that indicates that some quantity of asset_A was deposited by the user and it needs to be swapped to chain_B.

  • Smart-contract on chain_B โ€”this contract can create wrapped tokens. Whenever a user wants to swap X quantity of asset_A from chain_A, a contract on chain_B creates X quantity of wrapped_asset_A and sends it to the userโ€™s address.

  • Relay โ€”it is important to note that a smart contract cannot access any information outside of the chain on which it is deployed. It is impossible for the contract on chain_B to read any information about the state of contract on chain_A. Relay is a service that forwards data from one chain to another. When it sees a deposit to the contract on chain_A the relay pushes contract on chain_B so that it would create wrapped tokens.

In most cases there are sophisticated rules of how relays communicate with contracts and how it is verified that what is being relayed has actually happened.

If the relay will tell contract on chain_B to create tokens by mistake is that it would create tokens that are not backed by the actual deposited amount of original asset on the original chain.

What happened?

On 5th October 2022 the attacker purchased 100 BNB at ChangeNow. Then the attacker registered as a Relayer for BSC Token Hub. Token Hub acts as a bridge between BNB Beacon Chain (BEP2) and Binance Smart Chain (BEP20).

On 6:26 PM UTC the attacker tricked the Bridge to print 1,000,000 BNB. After that the attacker made 15 sequential attempts to print another 1M BNB but none of these were successful. 16th transaction at 8:43 PM UTC was successful and the attacker received another 1,000,000 BNB.

The attacker used a lending protocol Venus to put 900,000 BNB as a collateral to borrow USDT, USDC and BUSD. The stablecoins were then swapped to other EVM-compatible chains. These funds are still under attackers control.

The root of the problem

There was a bug in the proof verification model that was exploited and allowed the attacker to deceive the Bridge and cause it to โ€œprintโ€ funds that should not have existed.

The contracts system and relays model was not audited or at least there is no publicly available audit report.

The response from Binance team and community was quick and effective, even though a huge quantity of assets was swapped to other chains where Binance had no control over the funds. A total $100,000,000 worth of stablecoins were swapped away.

Conclusions

This attack was executed with a high level of expertise from hackers side. The attacker was very familiar with internal structure of the Bridge, BSC ecosystem and possible responses. As the result, the attacker managed to swap away a significant amount of funds despite the reaction from the BSC team and the community.

There were no attempts to communicate with the hacker.

There was no public bug bounty, which in turn meant that the hacker had no way to monetize the vulnerability other than exploiting it.

Security audit by a third party should have been conducted but this was not done.

After that the attacker exploited a vulnerability in BSC Token Hub proofs verification model to create an arbitrary message on block 110217401 (you can read the full analysis of how it was done ). This allowed the attacker to cause the Bridge to โ€œprintโ€ 2,000,000 BNB out of thin air as if it was swapped while in fact these were not.

Binance team issued and halted BSC. Later the attackers funds that remained on BSC were burned.

Here you can find from for the hack from Binance team.

here
the announcement
the official response