The Ronin Network and Sky Mavis have vowed to upgrade their smart contracts, offer a lucrative bug bounty and tighten security after the roughly $600 million hack late last month.
As Cointelegraph previously reported, the Ethereum sidechain developed for the popular NFT game Axie Infinity was the victim of an exploit that drained 173,600 Ether (ETH) and 25.5 million USD Coin (USDC), worth more than $612 million at the time.
Earlier this month, the Federal Bureau of Investigation (FBI) attributed the attack to the North Korean state-sponsored hacking group Lazarus, issuing a warning to other crypto and blockchain organizations at the same time.
Ronin announced the platform changes in a post-mortem report released yesterday, noting that all user funds are in the process of being restored and vowing to ensure this "never happens again".
We’ve put together an autopsy on the March 23 Ronin exploit.
• Why it happened
• What we are doing to ensure this never happens again
• Ronin Bridge Reopening Update https://t.co/FfwCtCG84E
— Ronin (@Ronin_Network) April 27, 2022
How the hack went down
The hack was the result of a spear-phishing attack on a former employee of Sky Mavis (the developer of Axie Infinity). The attacker used the employee's credentials to gain access to the four validator nodes run by Sky Mavis, out of a total of nine in the Axie/Ronin ecosystem.
Four of nine validator signatures alone were not enough to authorize a withdrawal (the bridge required five), but "the attacker found a backdoor through our gasless RPC node, which they abused to obtain the signature for the Axie DAO validator."
"This dates back to November 2021 when Sky Mavis asked the Axie DAO for help to distribute free transactions due to an immense user load. The Axie DAO allowed Sky Mavis to sign various transactions on their behalf. This was discontinued in December 2021, but access to the allow list was not revoked," the report said.
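The failure chain described above (four compromised validator keys plus a delegation that was never revoked) is easy to model. The following is an added illustration written for this page, not Ronin's contract code or anything from the post-mortem. It assumes the bridge's 5-of-9 signature threshold (which the article does not spell out), uses HMAC-SHA256 tags keyed by a per-validator secret as a stand-in for ECDSA signatures so it runs on the standard library alone, and uses constructed validator names, a constructed timeline and a hypothetical delegate identity "sky_mavis_rpc" for the gasless RPC path. It contrasts the stale allowlist with two fixes: explicit revocation and a time-bound delegation.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

THRESHOLD = 5  # assumed bridge rule: 5 of 9 validator signatures approve a withdrawal
VALIDATORS = ([f"sky_mavis_{i}" for i in range(4)] + ["axie_dao"]
              + [f"validator_{i}" for i in range(4)])   # constructed names
DAY = 86_400
T_DELEGATED = 0             # constructed timeline: delegation granted (Nov 2021)
T_DISCONTINUED = 30 * DAY   # free-transaction programme ends (Dec 2021)
T_ATTACK = 120 * DAY        # exploit (March 23, 2022)


@dataclass
class Delegation:
    operator: str               # who may request signatures on the validator's behalf
    expires_at: Optional[int]   # None = never expires: the stale-allowlist flaw


@dataclass
class ValidatorSet:
    # Secrets stand in for validator private keys; HMAC tags stand in for
    # ECDSA signatures (hypothetical simplification so the model runs offline).
    keys: dict = field(default_factory=dict)
    allowlist: dict = field(default_factory=dict)   # validator -> Delegation

    @classmethod
    def fresh(cls):
        return cls(keys={v: secrets.token_bytes(32) for v in VALIDATORS})

    def delegate(self, validator, operator, now, ttl=None):
        self.allowlist[validator] = Delegation(operator, None if ttl is None else now + ttl)

    def revoke(self, validator):
        self.allowlist.pop(validator, None)

    def request_signature(self, validator, requester, digest, now):
        """One validator's signing service: signs for its own operator, or for
        an allowlisted delegate whose delegation has not expired."""
        allowed = requester == validator
        d = self.allowlist.get(validator)
        if d is not None and d.operator == requester:
            allowed = allowed or d.expires_at is None or now < d.expires_at
        if not allowed:
            return None
        return validator, hmac.new(self.keys[validator], digest, hashlib.sha256).digest()

    def verify_withdrawal(self, digest, sigs):
        """Bridge-side check: distinct validators with a valid tag must reach THRESHOLD."""
        valid = set()
        for validator, tag in sigs:
            key = self.keys.get(validator)
            if key is None:
                continue
            expected = hmac.new(key, digest, hashlib.sha256).digest()
            if hmac.compare_digest(tag, expected):
                valid.add(validator)
        return len(valid) >= THRESHOLD


def withdrawal_digest(to, amount_wei, nonce):
    return hashlib.sha256(f"{to}:{amount_wei}:{nonce}".encode()).digest()


def attacker_drain(vs, now):
    """Attacker holding a compromised Sky Mavis credential: signs with the four
    Sky Mavis validators directly, then asks the Axie DAO validator through the
    delegated gasless-RPC identity. Returns (approved, signatures gathered)."""
    digest = withdrawal_digest("0xattacker", 173_600 * 10**18, nonce=1)
    sigs = [vs.request_signature(v, v, digest, now)
            for v in VALIDATORS if v.startswith("sky_mavis")]
    sigs.append(vs.request_signature("axie_dao", "sky_mavis_rpc", digest, now))
    sigs = [s for s in sigs if s is not None]
    return vs.verify_withdrawal(digest, sigs), len(sigs)


def scenario_stale_allowlist():
    """What the post-mortem describes: delegation with no expiry, never revoked."""
    vs = ValidatorSet.fresh()
    vs.delegate("axie_dao", "sky_mavis_rpc", now=T_DELEGATED)
    return attacker_drain(vs, T_ATTACK)


def scenario_revoked():
    """Fix 1: delegation explicitly revoked when the programme was discontinued."""
    vs = ValidatorSet.fresh()
    vs.delegate("axie_dao", "sky_mavis_rpc", now=T_DELEGATED)
    vs.revoke("axie_dao")
    return attacker_drain(vs, T_ATTACK)


def scenario_time_bound():
    """Fix 2: delegation issued with a TTL, so it lapses even if nobody revokes it."""
    vs = ValidatorSet.fresh()
    vs.delegate("axie_dao", "sky_mavis_rpc", now=T_DELEGATED, ttl=T_DISCONTINUED - T_DELEGATED)
    return attacker_drain(vs, T_ATTACK)


if __name__ == "__main__":
    for scenario in (scenario_stale_allowlist, scenario_revoked, scenario_time_bound):
        approved, n = scenario()
        print(f"{scenario.__name__}: signatures={n} approved={approved}")
```

Only the first scenario reaches the threshold: four keys the attacker holds outright plus the fifth obtained through the stale delegation. Revoking the delegation or giving it an expiry leaves the attacker one signature short, which is the point of the "access to the allow list was not revoked" finding.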
Major changes will be implemented on both Sky Mavis and Ronin Network after the hack.
The Ronin network hopes to reopen its bridge by mid to late May, with Binance providing support with withdrawal and deposit infrastructure for Axie users until then.
With the team roughly 80% focused on upgrading the Ronin Bridge smart contracts, it will also overhaul the backend, migrate all pending withdrawals and launch a validator dashboard that "allows large transactions to be approved and new validators to be added/removed."
“The Ronin Network bridge is currently being redesigned and will open once we are confident it can stand the test of time. We originally expected to have the upgrade ready by the end of April, but we cannot afford to rush the process.”
Related: Binance Recovers $5.8M in Funds Related to Ronin Bridge Exploit
Sky Mavis will strengthen its security by enlisting the help of "senior security experts", conducting contract reviews and implementing more stringent internal procedures, such as training to "fight against external threats".
It will also significantly increase the number of validator nodes to further decentralize the project. Having already grown from nine to 11, Sky Mavis intends to reach 21 nodes within three months and, in the longer term, more than 100.
Sky Mavis will also offer up to $1 million in bug bounties to white-hat hackers who find further vulnerabilities.
“We recognize the importance and value of security researchers’ efforts to protect our community. Sky Mavis is offering up to $1 million in rewards to encourage responsible vulnerability disclosure.”
Source: https://cointelegraph.com/news/plan-for-1m-bug-bounties-and-double-the-nodes-in-wake-of-600m-ronin-hack (Plan $1M in bug rewards and double nodes after a $600M Ronin hack)