$0 USD

AUGUST 2022

GLOBAL

NEAR PROTOCOL

DESCRIPTION OF EVENTS

"Innovation across DeFi and NFTs has increased demand on the Ethereum network and sent fees soaring." "Blockchain-based bridges allow users to send and receive tokens between different networks by locking native tokens on either side."

 

"At NEAR, we do not want Ethereum developers to choose between NEAR and Ethereum and commit to only one. We want them to have the same asset on both blockchains and even have apps that seamlessly communicate across the boundary. So we built a bridge, called Rainbow Bridge, to connect the Ethereum and NEAR blockchains, and we created the lowest possible trust level one can have for an interoperability solution — you only need to trust what it connects, the NEAR and Ethereum blockchains, and you don’t need to trust the bridge itself. There is no authority outside Ethereum miners and NEAR validators."

 

"The ETH <> NEAR Rainbow Bridge allows users to seamlessly migrate assets to NEAR’s developer-friendly and low-cost platform." "Seamlessly migrate assets to NEAR’s developer-friendly and low-cost platform, without compromising on speed." "The first phase of the ETH ↔ NEAR Rainbow Bridge opens the gates for assets to flow freely between NEAR and Ethereum blockchains while enabling users to bridge any ERC-20 token they wish."

 

"Ethereum users can easily onboard to NEAR using the ETH Faucet, hosted by Paras, and MetaMask. Simply by logging into MetaMask and proving that their account has a balance higher than 0.05 ETH, anyone can claim a NEAR account and start using the Rainbow Bridge right away."

 

"Rainbow allows users to send tokens among the Ethereum, Near and Aurora networks and has over $2.3 billion in assets locked on the protocol, data shows." "The following popular tokens with common ERC-20 functionality are interoperable with NEAR, including but not limited to[ s]tablecoins like USDT (Tether), DAI, and TUSD, wrapped assets like WBTC and WETH[, ]DEX tokens like UNI and 1INCH[, l]ending tokens like AAVE and COMP[, and s]ervice company tokens like HT (Huobi) and CRO (Crypto.com)[. ]Users can send these ERC-20 assets directly from MetaMask or other Web3 wallets to NEAR wallets and apps, and vice versa."

 

"Since the Rainbow Bridge does not require the users to trust anything but the blockchains themselves, we call it trustless." "The ETH ↔ NEAR Rainbow Bridge is a trustless, permissionless protocol for connecting blockchains. The bridge protocol removes the need to trust anyone except the security of the connected chains. Anyone can deploy a new bridge, use an existing bridge, or join the maintenance of an existing bridge without getting approval from anyone else."

 

"The Rainbow Bridge allows any information that is cryptographically provable on NEAR to be usable in Ethereum contracts and vice versa — including the ability to read the state and schedule calls with callbacks on the other chain. This means a user can vote with their ETH balance in a NEAR DAO without sending a transaction on Ethereum." "The nature of the Rainbow Bridge means its fully decentralized and adaptable to any future protocol changes."

 

"The rainbow bridge is based on trustless assumptions with no selected middleman to transfer messages or assets between chains. Because of this, anyone can interact with its' smart contracts, including the NEAR light client."

 

"As a wholly decentralized platform, Rainbow relies on several validators, called bridge relayers, who submit block info on Near blocks to Ethereum. Anyone can submit information to Rainbow, and false information could likely result in a loss of all user funds."

 

"However, this is where the validators step in: They agree on which transactions are genuine by tracking blockchain activity on all networks connected to Rainbow. Incorrect transactions are challenged by independent “watchdogs” who observe the Near blockchain to check for data misfits, with incorrect transactions getting flagged and eventually blocked."

 

"[I]ncorrectly submitted information to the NEAR Light Client may result in the loss of all funds on the bridge. That's why this step is secured with the most solid thing: a consensus of NEAR validators." "And if someone tries to submit incorrect info, then it would be challenged by independent watchdogs, who also observe NEAR blockchain."

 

"Usually, it's Rainbow bridge relayers, who submit the info on NEAR blocks to Ethereum. However, sometimes others are doing this. Unfortunately, usually with bad intentions." "Such a mechanism protects the network from seeing potentially hundreds of millions of dollars in losses, especially as bridge attacks become more commonplace."

 

A malicious "transaction was successfully submitted in the Ethereum blockchain in the block 15378741 on Aug-20-2022 04:49:19 PM +UTC." "Rainbow developer Alex Shevchenko said in a note Monday that an attacker submitted a fabricated Near block to the Rainbow bridge contract over the weekend by putting up a “safe deposit” of 5 ether." "Over the weekend an attacker submitted a fabricated NEAR block to the Rainbow Bridge contract." "During a transaction, a safe deposit of 5 ETH was required." "That transaction was successfully submitted to the Ethereum network, with the attacker expecting Rainbow developers to be unavailable to mitigate any threats."

 

"The attacker likely intended to fake transactions and trick Rainbow’s smart contracts into releasing locked funds without depositing any initial funds. Such a sophisticated mechanism has previously been used to exploit several blockchain bridges, such as Nomad’s recent $200 million exploit."

 

"Note the time of attack: an attacker was hoping that it would be complicated to react [to] the attack early Saturday morning." “[The] attacker was hoping that it would be complicated to react to the attack early Saturday morning,” Shevchenko explained.

 

"However, no reaction from humans was required. Automated watchdogs were challenging the malicious transaction, which resulted in an attacker loosing his safe deposit." "Rainbow’s validators automatically caught the fabricated block that the attacker tried to submit, challenged and blocked the transaction, and took away the safe deposit of 5 ether put up by the attacker." "[A]utomated security processes by the bridge’s validators kicked in and mitigated the threat in under 31 seconds." "Near Protocol’s Rainbow bridge mitigated a threat in under 31 seconds due to automated security processes which cost the attacker 5Ξ (~$8,000)."

 

"And though [the] attacker was hoping that our security team won't be available, in fact it was. After notifications on strange activities, within 1h the team was checking that everything is OK and was going back to sleep without disturbing myself or the users."

 

"[W]e have been thinking of increasing the safe deposit (to reduce the number of attacks), but discarded this idea. The reason -- it would make the bridge more permissioned and we fight for decentralization." "[D]ear attacker, it's great to see the activity from your end, but if you actually want to make something good, instead of stealing users money and having lots of hard time trying to launder it; you have an alternative -- the bug bounty."

The Near Protocol Rainbow Bridge allows the transfer of tokens between the Ethereum, Near, and Aurora blockchain networks. Like most bridges, there is a possibility of attackers submitting fraudulent transactions trying to trick the bridge into releasing funds without making an actual payment. The Near Protocol Rainbow Bridge requires the attacker to send 5 ETH along with any payment request as a "safe deposit", has watchdogs monitoring the network, and allows validators to flag and reject any suspicious transactions.

 

On the early morning of Saturday August 20th, such a fraudulent transaction was submitted. It was successfully detected and mitigated in this case, and no funds were lost.

HOW COULD THIS HAVE BEEN PREVENTED?

This system seems to have worked effectively due to the multi-signature nature of having multiple independent validators to approve the transactions. Such a system likely works well to automatically approve small value transactions, where there is minimal incentive to attack, with continual adaptation and a small treasury to pay out any losses available. Larger transactions would likely benefit from human oversight as it can be challenging to be sure that the automated systems will effectively detect the full diversity of potential fraudulent transactions. There is a tendency for all nodes to employ similar software that will make the exact same decision, thereby negating key benefits of the multi-signature setup.

 

Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.