What can users do when the cross-chain bridge in the header goes wrong?

What if the cross-chain bridge in the header malfunctions?

2. The attack method is very simple, just a simple transfer operation, there is no contract, and there is testing, so the attacker is probably not a hacker.

3. The transferee did not take further disposal and realization, and the operator may not have absolute decision-making power.

Currently, the truth of the incident still needs an official answer. After checking the change in TVL of Multichain on DefiLlama, Odaily Star News found that 99.76% of the funds had been withdrawn within 24 hours, indicating that users’ reactions to this event were relatively strong.

• Self-proclaimed equal Web3 wanderer stops at seeking immortals and asking the way.
• FTX shatters Taylor Swift’s crypto dream, $100 million collaboration also falls through.
• Vertex: A rising star in the derivatives DEX market, with a daily trading volume market share of around 10%.

Cross-Chain Risks and Self-Rescue Measures

It has been less than a week since the Poly Network hacker incident, and the head cross-chain project, Multichain, has once again experienced capital risk issues. Currently, cross-chain bridges have become a disaster-prone area for security incidents such as hacker attacks. According to the 0xScope team’s statement in “Why are there so many accidents with cross-chain bridges?”, cross-chain bridge fund risks mainly manifest in three aspects:

1. Recharge token: Recharge contract permission vulnerability, false coin recharge problem, currency adaptation problem.

2. Cross-chain message transfer: Listening and processing of recharge messages, verification of recharge correctness, and cross-chain processing confirmation.

3. Multi-signature verification problem: decentralization degree of multi-signature.

In the context of the interconnection of thousands of chains, cross-chain bridges, as the key points of interconnection, have huge amounts of funds deposited, and their own technical complexity and technical links are many. Coupled with their frequent updates, they are extremely easy to become the first target of hacker attacks. The project that has had an accident must have vulnerabilities that have been exploited, and the project that has not yet had an accident cannot guarantee that there will be no problems in the future. How can we self-rescue?

1. When an accident occurs, revoke authorization to the cross-chain bridge contract as soon as possible to prevent further risk spread. You can do this by using the approval checker in the blockchain explorer of your own blockchain. It is also recommended that everyone regularly review and clean up contract authorizations that are useless to themselves. Hackers often extract assets multiple times through vulnerabilities in smart contracts.

2. Users with frequent cross-chain needs need to closely follow the relevant information of cross-chain bridges, such as risk prompts from security companies and official upgrade announcements, and understand and prepare for them as soon as possible.

As a participant in cross-chain bridge LP, in the face of such events, you should actively communicate with the project party, keep a record of locked assets, and wait for solutions afterwards.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!