Slow Mist: A brief analysis of the Nomad bridge attack event of the cross-chain interoperability protocol

Jinjin Finance News, according to the news from the SlowMist area, the cross-chain interoperability protocol Nomad bridge was hacked, resulting in unexpected withdrawal of funds. The SlowMist security team analyzed as follows:

1. In Nomad's Replica contract, users can initiate a cross-chain transaction through the send function, and execute it on the target chain through the process function. During the process operation, the acceptableRoot will be used to check that the message submitted by the user must belong to an acceptable root, which will be set in prove. Therefore, the user must submit a valid message to operate.

2. When the project party initializes the deployment of the Replica contract, it first sets the trusted root to 0, and then sets the trusted root to normal non-zero data through the update function. In the Replica contract, the time when the trusted root starts to take effect is saved through the confirmAt mapping to check whether the message root is valid in the acceptableRoot. However, when updating the new root, the confirmAt of the old root is not set to 0, which will cause the old root to still be in effect even though the trusted root in the contract has changed.

3. Therefore, the attacker can directly construct any message. Since it has not been proved, the root returned by this message map is 0, and the project party sets 0 as the trusted root during initialization and it has not been modified with the trusted root. However, the failure caused the arbitrarily constructed messages of the attacker to be executed normally, thereby stealing the assets of the Nomad bridge.

In summary, this attack is due to the fact that the trusted root of the Nomad Bridge Replica contract is set to 0x0 during initialization, and the old root is not invalidated when the trusted root is modified, resulting in the attack being able to construct arbitrary messages to steal funds from the bridge .

Other news:

Slow Mist: Badger DAO hackers have transferred about 1125 BTC cross-chain to 10 BTC addresses through renBTC: According to news on December 2, Badger DAO was hacked and user assets were transferred without authorization. According to the analysis of SlowMist MistTrack, so far, hackers have exchanged the profitable cryptocurrency into renBTC, and transferred about 1125 BTC cross-chain to 10 BTC addresses through renBTC. SlowMist MistTrack will continuously monitor the transfer of stolen funds. [2021/12/2 12:46:11]

SlowMist: Be wary of the new ETH fake recharge, and ETH fake recharge attacks have been found in the wild: After monitoring by the SlowMist security team, it has been found that there are ETH fake recharge attacks in the wild. The SlowMist security team decided to disclose the repair plan, please exchange Or the wallet checks the ETH entry logic in a timely manner, and if necessary, contact the SlowMist security team for detection to prevent the loss of funds. It is recommended that if you are not sure about the successful repair, you can temporarily suspend the recharge request from the contract address. Then perform the following repair operations: 1. When recharging the contract ETH, it is necessary to determine whether there is a revert transaction in the inline transaction, and if there is a revert transaction, refuse to enter the account. 2. Use manual entry to process contract entry, and manually enter the account after confirming that the recharge address has arrived. At the same time, it should be noted that similar risks may exist in Ethereum-like public chain currencies. [2020/5/23]

And postscript \"Better future\". Then the Lendf.Me platform admin account replied to the attacker through memo and brought the contact email. In addition, the wallet address of the Lendf.Me attacker received some victim users asking for help through memo. [2020/4/20]