BTC

$64376.249

-2.92%

ETH

$3150.247

-1.94%

BNB

$608.307

0.05%

XRP

$0.532

-3.31%

Blockchain

The Bridge Between Ethereum And Arbitrum Nitro Discovered Security Vulnerability

September 20, 2022 - Around 2 mins mins to read
A Twitter account with the name ‘riptide’ posted an article regarding a vulnerability in the bridge between Ethereum and Arbitrum Nitro.
The Bridge Between Ethereum and Arbitrum Nitro Discovered Security Vulnerability

This person then quickly contacted Arbitrum’s team, thereby fixing the above vulnerability and receiving a bug bounty on ImmuneFi.

Accordingly, this vulnerability could allow hackers to steal the entire amount of ETH loaded into the bridge between Ethereum Layer-1 and Layer-2 (here is the Arbitrum Nitro version).

This white hat hacker said that the initialize() function that helps users sign transactions and sends encryption requests to Sequencers (validation units) has encountered a few vulnerabilities. The first 2 storage spaces (positions 0 and 1) of this function are empty, which means that the hacker can impersonate the user and then send the authentication message to the Sequencer.

The Bridge Between Ethereum and Arbitrum Nitro Discovered Security Vulnerability

This initialization-related vulnerability previously appeared in Nomad’s smart contract. This vulnerability was quickly identified by the Arbitrum team and a 400 ETH reward was sent to the aforementioned white hat hacker.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News

Arbitrum

Arbitrum Nitro

ETH

Layer-2

Avatar of Harold

Author

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.
Blockchain

The Bridge Between Ethereum And Arbitrum Nitro Discovered Security Vulnerability

A Twitter account with the name ‘riptide’ posted an article regarding a vulnerability in the bridge between Ethereum and Arbitrum Nitro.
The Bridge Between Ethereum and Arbitrum Nitro Discovered Security Vulnerability

This person then quickly contacted Arbitrum’s team, thereby fixing the above vulnerability and receiving a bug bounty on ImmuneFi.

Accordingly, this vulnerability could allow hackers to steal the entire amount of ETH loaded into the bridge between Ethereum Layer-1 and Layer-2 (here is the Arbitrum Nitro version).

This white hat hacker said that the initialize() function that helps users sign transactions and sends encryption requests to Sequencers (validation units) has encountered a few vulnerabilities. The first 2 storage spaces (positions 0 and 1) of this function are empty, which means that the hacker can impersonate the user and then send the authentication message to the Sequencer.

The Bridge Between Ethereum and Arbitrum Nitro Discovered Security Vulnerability

This initialization-related vulnerability previously appeared in Nomad’s smart contract. This vulnerability was quickly identified by the Arbitrum team and a 400 ETH reward was sent to the aforementioned white hat hacker.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News

Visited 39 times, 1 visit(s) today