The cross-chain exploit of the BSC Token Hub bridge led to the creation of extra BNB. Binance asked the validators to shut down the BNB Smart Chain (BSC). After the BSC exploit, a hard-fork was performed.
It seems to us that this is an unnecessary clarification for those who read our articles. But, for those who are here by chance or are just discovering the crypto world, let's explain. Binance is one of the most important crypto ecosystems in the world. With Binance, you can trade crypto assets both on exchanges and through Peer-to-peer (P2P). The company also provides business solutions, a platform for launching tokens, education in the crypto sphere and many other services.
Binance also has its own token – BNB and its own blockchain for this token – BNB Smart Chain (BSC). An unpleasant situation happened to them in early October. In the cross-chain bridge BSC Token Hub (the bridge between BNB Beacon Chain (BEP2) and BNB Chain (BEP20 or BSC)), an exploit was discovered with which someone was able to create 2 million BNB, worth about $570 million. The fact that BNB was hacked was announced by crypto investor and analyst Miles Deutscher on Twitter.
It appears that 2 million BNB was hacked.
— Miles Deutscher (@milesdeutscher) October 6, 2022
Tether was blacklisted which seems to confirm it. $BNB price taking a hit as a result. https://t.co/DkOtsJ6pjT
Miles also noticed that Tether blacklisted the address associated with the exploit and froze its USDT assets.
The CEO of Binance, Changpeng Zhao, quickly reacted to the situation. He wrote about the exploit and asked the validators to temporarily suspend the BSC. The validators agreed, and the community voted to freeze the addresses associated with the exploit.
The address associated with the exploit was assigned the tag “BNB Bridge Exploiter” on BSCScan. The address also has a very impressive amount of assets.
The exploit was also responded to on Twitter by BSC. They wrote that according to initial estimates, the losses amount to $70M - $80M. The tweet also says that $7 million could be frozen.
We are humbled by the speed and collaboration from the community to freeze funds.
— BNB Chain (@BNBCHAIN) October 6, 2022
Thank you to everyone who helped and gave their support.
2/2
Steps have already been taken to fix the exploit and prevent this from happening in the future. First, Binance introduced the Bug Bounty program. Now ‘whitehat’ hackers will be paid $1 million for the discovery of each serious bug, and hackers will be able to get up to 10% of the funds stolen if they return the full amount.
But probably the most powerful response to the exploit was the hard-fork BSC. The hard-fork for both testnet and mainnet was announced on GitHub. It took place on October 12 for mainnet and October 11 for testnet.
Against the background of the situation, the price of BNB, according to Coinmarketcap, fell from $297.24 to $260.95, and later recovered to $272.19.
Those who remember our story about Solana and the whale already know what this paragraph will be about. Yes, the situation is dangerous. Yes, Binance did this to prevent a threat. The optics are good for BNB, as in the case of Solana. But, something about these two stories is upsetting: the real state of decentralization. And again a philosophical question arises: is it right to sacrifice decentralization for a good outcome?
On the other hand, we can say that decentralization was not sacrificed, since all validators voluntarily stopped BSC by agreement. But is everything so unambiguous? And what do you think? Let's discuss it in the comments. And we will continue to observe.