Why Ronin blockchain hack is a lesson in disguise

Abhishek Pitti
4 min readApr 5, 2022

One year ago, Axie Infinity launched a game based on the popular Pokémon passion where players got crypto as rewards. Now, hackers have made off with millions of dollar coins and wrapped Ethereum from the Ronin blockchain which is being used by Axie Infinity.

Priced at $625 million, Ronin hack was the largest cryptocurrency attack on record. Investors had these lessons to manage their investments better — regardless of what currency they were using.

Before this hack, one of the worst hacks in history was Poly Network. The platform was hacked for a whopping $600 million, but hackers returned the money after.

There have been many different hacks recently also. $320 million was taken this February by a hacker in what they called a “wormhole” attack. After stealing the funds, the hacker then took control of a cryptocurrency exchange.

The Axie, Wormhole, and Poly Networks hacks involve the transfer of tokens from one blockchain to another. You trade crypto through the bridge inserted in the second blockchain.

The hacker in the wormhole bridge tried to exploit fake transactions between Solana (SOL-USD) and Ethereum (ETH-USD) for the purpose of stealing real ETH. In Axie, the hacker exploited Ronin’s bridge to Ethereum by exploiting fake transactions.

In the New Digital World, Bridges are often the weak link. You invest all your time fortifying it, but then you use a golf cart to transport that money instead of an armored car. It will get stolen!

  • Decentralization is Important

Kelvin Fichter of Optimism tweeted that the hack on the Ronin bridge was different from that of previous bridge hacks.

Axie Infinity has an insufficient amount of validators for their Ronin bridge. With only nine in the system, it’s easy for a hacker to steal assets and cryptographic keys from any of these validators. The problem, as it turns out, was the company’s use of Ronin Bridges: If one node is compromised, the entire system can be compromised since every action must go through a central node.

Axie’s developer, Sky Mavis, controlled all of the compromised validators. The Ronin Network announced on Thursday that they’re pushing their plan to add new validators in the coming months and are currently replacing all of the former Sky Mavis validators.

Axie Infinity currently has a flat system to provide better incentives, but the future roadmap mentions incremental decentralization.

Blockchain is a philosophy of decentralization that can be applied to the New Digital World to take control of money and online identity.

Blockchain security is an important consideration, and the Axie hack reminds us that decentralization can be beneficial for this. Bitcoin has never been hacked because of this decentralization.

  • Leadership is also critical

Axie Infinity has had little to no issues with hackers and the most recent breach occurred on a Ronin bridge. There are always ways for phishers to pose as official parties such as gaming companies and request private information from you in order to steal your assets.

Many projects, such as Axie Infinity, take years of work to complete. With blockchain technology comes new security risks because the computer code is often not audited prior to being installed on a bridge.

It’s often unclear who is operating these exchanges, and it’s unclear how transactions are processed. Purchasing cryptocurrencies on an exchange can be risky because transactions are sometimes processed by unidentified validators who are shrouded in mystery.

The Axie Crew has been working hard to reward its community with deeper game features, better animation, and new cryptocurrencies. They also had a hack in which $625 million was lost for nearly a week before getting uncovered.

  • A robust community is required

Axie has passionate founders that are flawless to assess the situation and provide a plan to reimburse the victims of the hack. They postponed their Axie Origin launch in order to give the engineering team more time for a deep investigation of the potential implications of the breach.

Leadership and decentralization — the best of both worlds?

By using the blockchain, we can empower a decentralized autonomous organization (DAO) to run the show. All decisions will someday be turned over to the DAO. The word “empower” is a keyword here that helps to signal the implications of more decisions being voted on by those who own an Axie token.

Sky Mavis should start transferring more responsibilities to Axie DAO in order to progress. When a leader rests in a DAO, the community agents can act to even overcome the shortcomings of the leader. ENS-USD did just that when they overcame their leaders in February 2022.

In the meantime, it’s very impressive that despite being only 10% down on the news, AXS Crypto is still doing well compared to other blockchain projects. RON is performing a lot worse than AXS Crypto with more than just 20% down from their price. It seems like AXS has a strong community behind them because of the way their prices seem to be moving together in comparison to other blockchain projects like RON.

If ambitious & young communities like Axie Infinity have the qualities of having leadership, being responsive to users, and protecting funds from security breaches, then they can be successful. It’s huge learning though for all other communities and leaders who are working in this domain.

--

--