NEAR Rainbow Bridge defended itself from an attack this weekend and also got paid by the hacker, by taking 5 ETH from them thanks to automated watchdogs it has designed.
The Attacker And His Lost 5 ETH
Alex Shevchenko, CEO of Aurora Labs, revealed Monday that the NEAR Rainbow Bridge defended itself from an attack over the weekend, resulting in the hacker losing 5 ETH.
Shevchenko said that the assault was automatically neutralized within 31 seconds, demonstrating a highly robust protection system to preserve bridge users’ cash.
Users may utilize the Rainbow Bridge to transfer $ETH, $NEAR, and ERC-20 tokens between networks. The bridge, on the other hand, is based on trustless assumptions with no chosen middleman to move messages or assets across chains. Because of these assumptions, anybody may engage with smart contracts, typically with ill motives.
However, because to the requirement for “a consensus of NEAR validators,” bad actors cannot submit “incorrect” information. Shevchenko went on,
“if someone tries to submit incorrect info, then it would be challenged by independent watchdogs, who also observe NEAR blockchain.”
Over the weekend, a fake NEAR block was submitted, necessitating a 5 ETH payment. On Saturday, August 20, at 04:49:19 PM UTC, the transaction was successfully sent to Ethereum. Shevchenko said that the attacker hoped it would be difficult to respond to the attack early Saturday morning. However, the automatic watchdogs contested the transactions, resulting in the attacker losing their deposit 31 seconds later at 04:49:50 PM UTC.
Shevchenko said that after receiving the answer from the automated watchdog, the security team examined the bridge’s condition within an hour to confirm no additional action was necessary.
Shevchenko concluded the discussion by addressing the attacker directly, saying,
“dear attacker, it’s great to see the activity from your end, but if you actually want to make something good, instead of stealing users money and having lots of hard time trying to launder it; you have an alternative — the bug bounty.”
Schevchenko’s original Twitter thread is below:
🧵 on the Rainbow Bridge attack during the weekend
TL; DR: similar to May attack; no user funds lost; attack was mitigated automatically within 31 seconds; attacker lost 5 ETH. pic.twitter.com/clnE2l8Vgz— Alex Shevchenko 🇺🇦 (@AlexAuroraDev) August 22, 2022
How Does Rainbow Bridge Work
First things first. All anybody needs is the ETH Faucet and a Metamask wallet to get started. Then, once on NEAR, the transaction will confirm in approximately 1-2 seconds, all while costing under a $1 in most cases.
Sending assets from ETH to NEAR takes 20 blocks worth of time (6 minutes) and for ERC – 20 costs about $10 (average amount).
Now, doing it the other way around i.e. sending NEAR back to ETH takes a maximum of 16 hours, and this is just due to ETH finality times. This would cost the user around $60.
NEAR is hoping to improve speeds and costs in the near future.
Read the latest crypto news.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post