Wallet hacks — Nomad crypto bridge drained of $190mm

The week has been highlighted by two major hacks that left users wallets drained of millions of dollars. The first being the crypto bridge Nomad that was drained of $190 million dollars. Over the last couple of months, a new trend has been noticed wherein Crypto Bridges have become the new target of such heist in the crypto world.

Bridges are the infrastructure that allow users to exchange assets between different blockchains, the digital database underpinning major cryptocurrencies. When a bridge service swaps one coin for another, it “wraps” the currency so that it will function on the other blockchain.

A wrapped coin does not become another currency altogether — “it just looks like it,”. Instead, a “token” is issued to represent the new coin on the different blockchain. For example, the user deposits Bitcoin in the bridge; in return for doing that, they receive a Bitcoin token on the Ethereum blockchain, and then can transfer that Bitcoin token, which is what is known as a wrapped asset, through the Ethereum blockchain.

To support these wrapped coins, bridge services hold large reserves of various coins. They have huge amounts of assets that back those wrapped tokens. A few days before the Nomad heist; the company had announced several big-name investors — including Coinbase Ventures, OpenSea and Crypto.com Capital — — that took part in an April funding round for US$22 million to help grow security-first cross-chain messaging solution.

During a routine upgrade the Nomad team initialized the trusted root to be 0x00. Using zero values as initialization values is a common practice in the industry. Unfortunately, in this case it had a tiny side effect of auto-proving every message. This mean that it took little technical knowledge to leverage the exploit this that became a frenzied “free-for-all”. All one had to do was find a transaction that worked, find/replace the other person’s address with theirs, and then re-broadcast it.

Solana wallets drained of US $4.5mm across 8,000 wallets

An unknown attacker drained thousands of wallets containing at least $4.5 million worth of Solana and USDC late Tuesday night. Initially it seemed to originate on the Solana browser wallet Phantom and was believed to compromise user keys — possibly involving seedphrases that were re-used among wallets on different chains.

However, it has now been confirmed that this is due to a private key exploit tied to the mobile software wallet Slope. All Slope wallets and any other wallet that had interacted with a Slope wallet was compromised but this was not the case with hardware wallets. The private keys of the wallets are believed to be inadvertently shared with a third party that let to the wallets being hacked.

World’s Most Secure’ Exchange ZB.com has recently seen a $5mm sell-off on a number of decentralized exchanges. Although, there has not been any confirmation of a hack — the platform has temporarily halted withdrawals citing maintenance.

Ethereum merge to Proof of Stake

With the merge now finalized for September and two test-runs with the Sepolia and Ropsten testnet running without a glitch. The third and final testnet merge of Goerli with Prater to happen between the 6 th and 12th of August the protocol will now be confident of the merge. It has already caused the cryptocurrency to jump by almost 44% last month as compared to BTC which is up ~15% during the same period.

However, Chandler Guo, a well-known Chinese crypto miner, has launched a campaign to fork the Ethereum blockchain and create a spinoff, proof-of-work version. Guo, in forking the Ethereum network, would be creating a new cryptocurrency, which he, at least for now, is calling ETHPOW.

Such a move would not be without precedent: In 2016, when developers forked Ethereum to attempt to remedy a massive hack, some purists remained on the old network, which they dubbed “Ethereum Classic” (ETC)

Creating and maintaining a new Ethereum network would require an immense amount of support, both economic and technical. ETHPOW would be an entirely distinct network and cryptocurrency from Ethereum, with no assumed value, infrastructure, or utility. Mining ETH was a profitable enterprise thanks to ETH’s underlying market value, and ETHPOW similarly would need to generate enough demand to incentivize mining it.

Mainstream Banks and Financial institutions entering the crypto world

Charles Schwab to launch Crypto Themed ETF on the NYSE

In a filing with the NYSE — the Charles Schwab prospectus mentions at least 80% of the fund’s assets will be invested in securities, like shares of companies that have a stake in crypto. For example, the prospectus said the fund currently has 44% of its assets invested in software companies and another 41% in the diversified financial sector. This is the first entry of the company into the crypto world after its competitor Fidelity

Santander rolls out Crypto Trading services in Brazil

Banco Santander SA the Brazilian subsidiary of the Spanish bank will be launching a trading platform for cryptocurrencies in a few weeks. They are also planning to introduce tokenization of debt instruments so that it is accessible to the wider audience.

Earlier in May a major competitor in Brazil NuBank had also launched a trading platform for cryptocurrencies which helped them acquire 1 million users.

Coinbase tie-up with BlackRock

Crypto exchange Coinbase has partnered with BlackRock, the world’s largest asset manager, to offer institutional users of its Aladdin platform access to crypto through Coinbase Prime. This connectivity with Aladdin will allow clients to manage their Bitcoin exposures directly in their existing portfolio management and trading workflows for a whole portfolio view of risks across asset classes.

Texas miner rewarded for shutting down operations

In some rather unusual news, due to the heat wave in Texas, The Electric Reliability Council of Texas (ERCOT) called on state residents to conserve energy wherever possible, nearly every industrial-scale miner answered the call. Collectively, the miners helped return to the grid over 1,000 megawatts in mining load. The council hence rewarded the miners with power-credits of roughly 439 Bitcoin which is roughly $9.5 million. This was better than the actual coins mined in June which was 318 Bitcoin.

Tylden D’Souza| NEST®

Join the NEST® Community

Website | Twitter | Discord | Telegram |
LinkedIn | Instagram | Medium | Youtube



Web3 Passport

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store