A hacker has made off with $2 million in bug bounty after finding an alarming vulnerability with the Ethereum network. This bug could have been very bad if it had been found by black hat hackers who could have exploited the digital asset for billions of dollars worth of ETH. Instead, a ‘grey hat’ hacker popularly known as Saurik informed the Ethereum team of the vulnerability, netting himself a sizable reward in return.
Finding The Vulnerability On Ethereum
Hacker Saurik had found the vulnerability on Optimism, an Ethereum layer 2 rollup solution. The hacker himself published a report as to how he found the vulnerability on the solution. Looking through nano payments protocols on the rollup, he had found a vulnerability that could allow an attacker to withdraw unbridled a ‘virtually unlimited’ amount of ETH from the solution.
It was similar to the attack method deployed on popular smart contracts blockchain Solana that resulted in the $353 million hacks on Wormhole. Optimism, like Wormhole, mint what are known as “Wrapped Ether.” Users deposit their Ether on the smart contract to basically serve as collateral and they are even these tokens that only exist on Optimism’s network. They then use nano payments protocol to make transactions faster and quicker.
Saurik who is famously known for developing the Jailbroken iOS had confirmed the vulnerability. However, instead of exploiting the vulnerability for his own personal gain, the self-styled grey hat hacker had reported it to the Optimism devs. In return, Saurik was rewarded with a $2 million bounty for his altruism, which has helped to make the network and layer 2 rollup safer for users.
Debunking Popular Rumors
After news of the vulnerability and subsequent bounty payment broke, there have been rumors circulating regarding what an attacker could have done with it if they chose to not report it to the devs. The most popular of these has been that the attacker would have been able to withdraw an unlimited amount of ETH from the network. While this has some merit to it, it is largely false.
Firstly, the vulnerability exists on a layer 2 rollup solution Optimism. While the protocol exists on the ethereum network, it is not the network itself. This means that the vulnerability was localized to the protocol alone. So while an attacker would have been able to exploit this to withdraw an ‘unlimited’ amount of ETH, they could only withdraw the available balance on the Optimism address.
Nevertheless, it is still no secret that the results would have been devastating for users of the layer 2 protocol if a black hat hacker had found the vulnerability. This event speaks volumes about the usefulness of bug bounties. While the rewards for these bounties may seem too large at first, one must think about what the alternative would be if there was no incentive for hackers to come forward with their findings. White hat hackers no doubt help to save millions, if not billions, of dollars every year.