Validators on crypto platforms are becoming, out of necessity, more and more astute, said Patrick Hillmann, chief communications officer at crypto exchange Binance.
Over the weekend, BNB Chain, a blockchain closely connected with crypto exchange Binance, was the latest victim in a hack that ultimately drained the ecosystem of $100 million in crypto. The exploit, however, could’ve been worse.
“[The] elephant in the room here is as these attacks become more sophisticated … [I]f they were more organized, [the hackers] probably could have gotten more funds off of the ecosystem than they did,” Hillman said during an appearance on CoinDesk TV’s “First Mover” on Monday.
While the hackers were able to get away with roughly $100 million, the potential amount could have been as much as $570 million.
“What we’re seeing here is that as we see more of these attacks on bridges, the communities that rally around these blockchains are getting much better at shutting them down quickly, updating their systems and being able to prevent a worst case scenario from happening,” Hillmann said.
On Thursday, BNB validators noticed some strange activity taking place on BSC Token Hub, one of the platform’s bridges ,and came to the conclusion the bridge was being utilized to mint additional BNB tokens, according to Hillmann. He compared the exploit to a group of thieves breaking into the U.S. Federal Reserve, printing their own money and then walking away with it.
Nearly 90 minutes after the initial exploit, concerns emerged, with Binance CEO Changpeng Zhao estimating the bridge had been exploited for $100 million.
“Luckily that community, the validators, sprung into action really quickly, were able to lock down the chain and actually prevent the lion's share of that new minted BNB from being able to actually leave the ecosystem,” Hillman said.
The attack prompted 26 of BNB Chain’s validators to act, preventing what could’ve been a $570 million hack, or the value of the 2 million BNB tokens that were fraudulently created, from being siphoned out.
Regarding whether centralization on the BNB Smart Chain is an issue of concern, Hillmann said there are benefits that come with a smaller community “overseeing and keeping the doors locked at night.”
“Because those 26 validators are able to work with one another so quickly, they’re able to prevent that worse case scenario from happening,” he said.
Moving forward, BNB Chain’s validators said they would hold a series of on-chain governance votes that would decide whether the hacked funds should be frozen, as well as whether a bug bounty reward system should be put in place to prevent future hacks.
Hillmann said that to ensure the BNB token is growing at a sustainable rate, and because the hackers “didn’t steal someone’s money,” the BNB community is planning to include $2 million worth of BNB tokens in its upcoming burn this year as a way to “bring it back down to parity.”
Furthermore, Hillman said the BNB Chain community is working with law enforcement to track down the hackers, who he suggested could be “either a state-based actor or a threat group that is tied to a state actor.”
“In some ways this was a very sophisticated attack and in some ways it wasn't,” Hillmann said.
CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk offers all employees above a certain salary threshold, including journalists, stock options in the Bullish group as part of their compensation.