Binance Exec: BNB Smart Chain Hack Could Have Been Worse if Validators Hadn’t ‘Sprung Into Action’

Patrick Hillmann, chief communications officer at crypto exchange Binance, joined “First Mover” to discuss last week’s $100 million exploit and how validators prevented the worst-case scenario.

AccessTimeIconOct 10, 2022 at 4:49 p.m. UTC
Layer 2

Fran is a writer and reporter at CoinDesk. He owns no crypto holdings.

Validators on crypto platforms are becoming, out of necessity, more and more astute, said Patrick Hillmann, chief communications officer at crypto exchange Binance.

Over the weekend, BNB Chain, a blockchain closely connected with crypto exchange Binance, was the latest victim in a hack that ultimately drained the ecosystem of $100 million in crypto. The exploit, however, could’ve been worse.

“[The] elephant in the room here is as these attacks become more sophisticated … [I]f they were more organized, [the hackers] probably could have gotten more funds off of the ecosystem than they did,” Hillman said during an appearance on CoinDesk TV’s “First Mover” on Monday.

While the hackers were able to get away with roughly $100 million, the potential amount could have been as much as $570 million.

“What we’re seeing here is that as we see more of these attacks on bridges, the communities that rally around these blockchains are getting much better at shutting them down quickly, updating their systems and being able to prevent a worst case scenario from happening,” Hillmann said.

On Thursday, BNB validators noticed some strange activity taking place on BSC Token Hub, one of the platform’s bridges ,and came to the conclusion the bridge was being utilized to mint additional BNB tokens, according to Hillmann. He compared the exploit to a group of thieves breaking into the U.S. Federal Reserve, printing their own money and then walking away with it.

Nearly 90 minutes after the initial exploit, concerns emerged, with Binance CEO Changpeng Zhao estimating the bridge had been exploited for $100 million.

“Luckily that community, the validators, sprung into action really quickly, were able to lock down the chain and actually prevent the lion's share of that new minted BNB from being able to actually leave the ecosystem,” Hillman said.

The attack prompted 26 of BNB Chain’s validators to act, preventing what could’ve been a $570 million hack, or the value of the 2 million BNB tokens that were fraudulently created, from being siphoned out.

Regarding whether centralization on the BNB Smart Chain is an issue of concern, Hillmann said there are benefits that come with a smaller community “overseeing and keeping the doors locked at night.”

“Because those 26 validators are able to work with one another so quickly, they’re able to prevent that worse case scenario from happening,” he said.

Moving forward, BNB Chain’s validators said they would hold a series of on-chain governance votes that would decide whether the hacked funds should be frozen, as well as whether a bug bounty reward system should be put in place to prevent future hacks.

Hillmann said that to ensure the BNB token is growing at a sustainable rate, and because the hackers “didn’t steal someone’s money,” the BNB community is planning to include $2 million worth of BNB tokens in its upcoming burn this year as a way to “bring it back down to parity.”

Furthermore, Hillman said the BNB Chain community is working with law enforcement to track down the hackers, who he suggested could be “either a state-based actor or a threat group that is tied to a state actor.”

“In some ways this was a very sophisticated attack and in some ways it wasn't,” Hillmann said.

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Fran is a writer and reporter at CoinDesk. He owns no crypto holdings.

CoinDesk - Unknown

Fran is a writer and reporter at CoinDesk. He owns no crypto holdings.