Solana’s Bridge Hacked: Nothing Backing Wrapped Tokens

On the afternoon of February 2, 120,000 Ethereum (ETH) was transferred out of Solana’s bridge Wormhole through an exploit.

The bridge is now completely empty and many who have bridged funds to the Solana blockchain wonder if there is any way back.

Wormhole is a token bridge which allows users to move their tokens from the ETH blockchain to the Solana blockchain.

It manages this by allowing users to send their ETH tokens to a smart contract, locking them and giving a one-to-one ratio of equal valued wrapped tokens on the Solana blockchain.

When a user wishes to move their tokens back to ETH they can send the wrapped tokens back to the contract and withdraw their initial tokens.

The exploit allowed a malicious user to withdraw all the tokens that were locked into the smart contract.

Now when a user wishes to move their tokens back to ETH, there is nothing for them to withdraw. This is an issue as many Solana based tokens are not accepted on major exchanges making them illiquid.

The Wormhole team came out a short while later and said the ETH in the smart contract would be replenished and the liquidity issue would be solved. This does not give many confidence as the issue and exploit which stole the funds has not been rectified.

The Wormhole team also mentioned that they had reached out to the hacker and offered $10m if they return the tokens. The value of the ETH lost is over $300m in value.

The exploit allowed a user to mint wrapped ETH on Solana without needing to stake any of their own tokens. They then used the bridge to withdraw all of the ETH from the smart contracts. Users on Twitter and other social media sites wonder if Wormhole’s Terra blockchain bridge could suffer the same exploit.

As of writing, the bridge from Solana to ETH through Wormhole is still not available.

Blockchains cannot naturally communicate with each other and the demand for interpolarity between chains pushed for the development of bridges.

There are many bridges between almost all smart contract capable blockchains but the number of exploits have begun to increase.

In the last year alone we have seen multiple bridges get hacked including Anyswap and BadgerDAO.


Updated: 02/04/2022 — 20:00