Crypto firm that promised security loses $200 million in 'frenzied free-for-all' hack

Hacker
(Image credit: Thianchai Sitthikongsak/Getty)

In what now seems like a weekly event, the latest big crypto hack has made off with nearly $200 million in value from Nomad, a so-called cross-chain token bridge. These bridges are designed to allow people to transfer crypto tokens between different blockchains and, without getting too far into the weeds, work by locking up tokens in one chain and re-issuing them in a 'wrapped' form on another: this process is called a smart contract.

Clearly not too smart, though, as Nomad has now acknowledged the hack and frenzied free-for-all. In a statement to Coindesk the company said: "An investigation is ongoing and leading firms for blockchain intelligence and forensics have been retained. We have notified law enforcement and are working around the clock to address the situation and provide timely updates. Our goal is to identify the accounts involved and to trace and recover the funds."

So, what happened? Essentially Nomad pushed an update that made it easy for users to fake transactions and withdraw funds from the bridge that didn't belong to them. This was not an exploit that required elite skills to take advantage of and, when it was noticed, hackers descended en masse and stole almost everything being held by Nomad’s Ethereum Mainnet smart contract.

Security researcher Samczsun, who works for the crypto investment firm Paradigm, explains the exploit in the below tweet thread, unrolled here.

Essentially, the system had defaulted to accepting every message as 'proven' by default: "It turns out that during a routine upgrade, the Nomad team initialized the trusted root to be 0x00. To be clear, using zero values as initialization values is a common practice. Unfortunately, in this case it had a tiny side effect of auto-proving every message."

That is, the process should be checking that every message is proven by the prover. This is a pretty foundational function. Nomad wasn't doing it, allowing transactions to be faked, and the hordes descended.

"This is why the hack was so chaotic," writes Samczun. "You didn't need to know about Solidity [a crypto programming language] or Merkle Trees [a data structure to verify transactions] or anything like that. All you had to do was find a transaction that worked, find/replace the other person's address with yours, and then re-broadcast it."

Ultimately this came down to what should have been a run-of-the-mill update leaving the back door wide open. "Attackers abused this to copy/paste transactions," writes Samczun, "and quickly drained the bridge in a frenzied free-for-all."

Crypto being crypto, which is to say a massive interlinked ecosystem (or stack of dominoes), it gets even worse. Nomad is or was used as a canonical or optimistic bridge, meaning that many smaller and new blockchain companies use them to start playing a role in the wider crypto ecosystem.

Moonbeam suspended its service temporarily but reckons it's largely unaffected, while Milkomeda says "our hearts go out to anybody affected" which I'm sure is a comfort. Evmos seems the worst-affected and is "brainstorming community solutions" which is certainly a good euphemism for 'we're fucked'.

A mere five days ago Nomad raised $22.4 million in a seed round, investors in which included the massive crypto companies Coinbase Ventures, Crypto.com and OpenSea. This valued Nomad at around $225 million. How to lose a lot of money fast, eh.

Crypto almost seems like a synonym for scandal at the moment, with the sector's claims of security being turned over again and again by hacking groups. In its way Nomad is one of the most worrying of the lot, because it wasn't sophisticated: this looks like it can ultimately be attributed to human error.

This year has already seen the biggest hack in crypto history, when $600 million of crypto value was siphoned out of Axie Infinity (the CEO of the company also transferred $3 million out before making the news public). This was also a bridge hack, as was a $300 million hack on the Wormhole protocol that was catastrophic for the Solana blockchain.

Yes: we're getting into word salad again. It's also worth bearing in mind that all the above amounts are crypto amounts and not hard cash. A lot of money is being lost but it can be hard to be exact: estimates of the total value lost to hackers by Nomad go from $45 million to $200 million.

"The goal of Nomad is to provide the connective tissue to enable users and developers to interact securely in a multi-chain world" reads the cross-chain bridge's documentation (emphasis theirs). Nomad sold people on the idea its protocol could offer more security for crypto transactions than the competition. Perhaps it's Nomad's time to move on.

Rich Stanton

Rich is a games journalist with 15 years' experience, beginning his career on Edge magazine before working for a wide range of outlets, including Ars Technica, Eurogamer, GamesRadar+, Gamespot, the Guardian, IGN, the New Statesman, Polygon, and Vice. He was the editor of Kotaku UK, the UK arm of Kotaku, for three years before joining PC Gamer. He is the author of a Brief History of Video Games, a full history of the medium, which the Midwest Book Review described as "[a] must-read for serious minded game historians and curious video game connoisseurs alike."