The developers of Ronin, the sidechain behind the Axie Infinity blockchain game, have revealed further details of the attack that led to the theft of over $600 million in crypto assets. The team also described the measures it is taking to improve the project's security.
On March 23, 2022, Ronin was hacked: the attacker drained 173,600 ETH and 25.5 million USDC from the project's cross-chain bridge.
Through a phishing attack on an employee of Sky Mavis (the company developing Axie Infinity), the attacker gained access both to the company's infrastructure and to its Ethereum sidechain validators.
At the time, Sky Mavis controlled four of the nine validators, which was not enough to authorize a withdrawal on its own. However, a vulnerability in the Ronin node's gasless RPC allowed the attacker to obtain the signature of the Axie DAO validator as well.
"This goes back to an incident in November 2021 when Sky Mavis sought assistance from Axie DAO to deploy gasless operations due to its huge user load. Axie DAO allowed Sky Mavis to sign transactions on its behalf. This practice was abandoned in December 2021, but access was not revoked," the developers explained.
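The failure described above is a stale delegation: a validator lets another operator sign on its behalf for a temporary need, the arrangement ends, but the authority is never withdrawn. The following Python model, an added example that is not code from Sky Mavis or Ronin, illustrates the check a bridge operator would want: a threshold of validator signatures per withdrawal, delegations that carry an explicit expiry, and an audit that lists delegations that have outlived their purpose. The 5-of-9 threshold, the operator names and the validator-to-operator mapping are assumptions for the example (the article only says that four validators were not enough).

```python
from dataclasses import dataclass
from typing import Dict, List, Set

THRESHOLD = 5  # assumption: 5 of 9 validator signatures are required

# Constructed mapping of operators to the validators they run (placeholder names).
OPERATED = {
    "sky-mavis": {"validator-1", "validator-2", "validator-3", "validator-4"},
    "axie-dao": {"validator-5"},
    "other-a": {"validator-6", "validator-7"},
    "other-b": {"validator-8", "validator-9"},
}


@dataclass
class Delegation:
    grantee: str        # operator allowed to sign on the grantor's behalf
    granted_day: int    # day the delegation was created
    expires_day: int    # last day on which the delegation is valid
    revoked: bool = False


class BridgeAuthorizer:
    """Decides whether a set of signing operators reaches the validator threshold."""

    def __init__(self) -> None:
        # grantor operator -> delegation it handed out (one per grantor for simplicity)
        self.delegations: Dict[str, Delegation] = {}

    def grant(self, grantor: str, grantee: str, granted_day: int, expires_day: int) -> None:
        self.delegations[grantor] = Delegation(grantee, granted_day, expires_day)

    def revoke(self, grantor: str) -> None:
        if grantor in self.delegations:
            self.delegations[grantor].revoked = True

    def signable_validators(self, operator: str, today: int) -> Set[str]:
        """Validators whose signature `operator` may legitimately produce on `today`."""
        keys = set(OPERATED.get(operator, set()))
        for grantor, d in self.delegations.items():
            if d.grantee == operator and not d.revoked and today <= d.expires_day:
                keys |= OPERATED.get(grantor, set())
        return keys

    def approve(self, operators: List[str], today: int) -> bool:
        """True when the distinct validator keys behind `operators` meet THRESHOLD."""
        keys: Set[str] = set()
        for op in operators:
            keys |= self.signable_validators(op, today)
        return len(keys) >= THRESHOLD

    def stale_delegations(self, today: int, max_age_days: int) -> List[str]:
        """Grantors whose delegation is still live but older than the allowed age."""
        return sorted(
            grantor
            for grantor, d in self.delegations.items()
            if not d.revoked and today <= d.expires_day
            and today - d.granted_day > max_age_days
        )


if __name__ == "__main__":
    auth = BridgeAuthorizer()
    # Open-ended delegation that was never revoked: one operator now reaches the threshold.
    auth.grant("axie-dao", "sky-mavis", granted_day=0, expires_day=10**6)
    print("single operator approves:", auth.approve(["sky-mavis"], today=200))
    print("stale delegations:", auth.stale_delegations(today=200, max_age_days=30))
    auth.revoke("axie-dao")
    print("after revocation:", auth.approve(["sky-mavis"], today=200))
```

The audit in `stale_delegations` is the piece worth scheduling: a delegation with a far-off expiry is indistinguishable from a permanent one unless something periodically reports it, and a short `expires_day` at grant time removes the need to remember to revoke.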
The team stressed that the vulnerability has been closed and that two additional validators have been added. Over the next three months the number of validators will grow to 21, and in the long run to as many as 100 nodes.
According to the developers, the attack went unnoticed for days because Ronin had a weak system for monitoring large outflows from the cross-chain bridge address. To close this gap, the team has brought in CrowdStrike, Polaris Infosec and other security-focused companies.
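The monitoring gap is the kind of control a detection engineer can prototype quickly. The following Python block, an added example rather than Ronin's or any vendor's monitoring code, scans a constructed stream of bridge withdrawal events and raises an alert when a single withdrawal exceeds a per-asset limit or when the rolling 24-hour outflow of an asset exceeds a second limit. The event timestamps, amounts and limit values are assumptions chosen for the example; the two large withdrawals mirror the figures in the article.

```python
from collections import deque
from typing import Deque, Dict, List, Tuple

# Constructed sample of bridge withdrawal events: (unix timestamp, asset, amount).
SAMPLE_EVENTS = [
    (1_647_990_000, "ETH", 12.5),
    (1_647_993_600, "USDC", 40_000.0),
    (1_648_000_000, "ETH", 80.0),
    (1_648_050_000, "ETH", 173_600.0),
    (1_648_050_030, "USDC", 25_500_000.0),
]

# Assumed per-asset limits (not Ronin's real values): (single withdrawal, rolling-window total).
LIMITS: Dict[str, Tuple[float, float]] = {
    "ETH": (1_000.0, 5_000.0),
    "USDC": (2_000_000.0, 10_000_000.0),
}
WINDOW_SECONDS = 24 * 3600

Alert = Tuple[int, str, str, float]  # (timestamp, asset, kind, amount that triggered it)


def detect_large_outflows(events, limits=LIMITS, window=WINDOW_SECONDS) -> List[Alert]:
    """Return alerts for oversized single withdrawals and oversized rolling-window outflow."""
    alerts: List[Alert] = []
    recent: Dict[str, Deque[Tuple[int, float]]] = {asset: deque() for asset in limits}
    totals: Dict[str, float] = {asset: 0.0 for asset in limits}

    for ts, asset, amount in sorted(events):
        if asset not in limits:
            # An asset with no configured limit is itself worth a look.
            alerts.append((ts, asset, "unconfigured-asset", amount))
            continue
        single_limit, rolling_limit = limits[asset]
        window_events = recent[asset]

        # Drop events that have fallen out of the rolling window.
        while window_events and ts - window_events[0][0] > window:
            _, old_amount = window_events.popleft()
            totals[asset] -= old_amount

        window_events.append((ts, amount))
        totals[asset] += amount

        if amount > single_limit:
            alerts.append((ts, asset, "single", amount))
        if totals[asset] > rolling_limit:
            alerts.append((ts, asset, "rolling", totals[asset]))
    return alerts


if __name__ == "__main__":
    for ts, asset, kind, amount in detect_large_outflows(SAMPLE_EVENTS):
        print(f"{ts} {asset:5} {kind:8} {amount:,.2f}")
```

On the sample data the first three withdrawals are silent and the two large ones each produce a single-withdrawal alert and a rolling-window alert. In practice the alert would be routed to an on-call channel and, for a bridge, tied to a pause mechanism rather than a dashboard nobody watches.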
The developers also said that their goal is to implement a zero trust architecture. This approach assumes that Sky Mavis is always exposed to external and internal threats, so every connection is verified and authorized.
The team noted that it is working on relaunching the Ronin Bridge and expects to reopen the cross-chain bridge in mid or late May.
Recall that in April 2022 Sky Mavis launched a bug bounty program. The bounty for bugs found in the blockchain and smart contracts ranges from $1,000 to $1 million, depending on severity.