Twitter User Saves Cross-Chain Bridge From Potential Exploit
The BitBTC bridge allegedly had a bug that would essentially allow an attacker to craft fake tokens on one side of the bridge and trade them for real ones.
New
A cross-chain bridge between BitBTC and the Ethereum Layer 2 network. Optimism was able to avoid a potentially costly exploit thanks to the work of an eagle-eyed Twitter user.
The custom cross-chain bridge provides a ramp for users to send assets between Optimism's network and BitAnt's Decentralized Finance (DeFi) ecosystem, which includes yield services, tokens not fungible (NFT), swaps and the BitBTC token, in which 1 million BitBTC represents 1 Bitcoin (BTC).
The BitBTC bridge bug was highlighted by Lee Bousfield, technical manager of the L2 Abirtrum network, in an October 18 Twitter post, warning that "BitBTC's Optimism bridge is extremely vulnerable".
Bousfield said he posted the Tweet because "the team ignored my posts, so I'll post the critical exploit here".
BitBTC's Optimism bridge is trivially vulnerable. Their team ignored my messages, so I will post the critical exploit here. https://t.co/onyN9SzBjt
— Lee Bousfield (@PlasmaPower0) October 18, 2022According to Bousfield, the BitBTC bridge had a bug that allowed an attacker to create fake tokens on one side of the bridge and exchange them for real ones on the other.
"The L2 Optimism side of the bridge allows you to withdraw any token, and it lets that token choose the L1Token address passed to the L1 side of the bridge. However, the L1 bridge has no idea what the token was. L2, and just go ahead and hit the arbitrary L1 token!" he wrote, adding that:
“This means that an attacker could deploy their own token on Optimism, give it...
The BitBTC bridge allegedly had a bug that would essentially allow an attacker to craft fake tokens on one side of the bridge and trade them for real ones.
New
A cross-chain bridge between BitBTC and the Ethereum Layer 2 network. Optimism was able to avoid a potentially costly exploit thanks to the work of an eagle-eyed Twitter user.
The custom cross-chain bridge provides a ramp for users to send assets between Optimism's network and BitAnt's Decentralized Finance (DeFi) ecosystem, which includes yield services, tokens not fungible (NFT), swaps and the BitBTC token, in which 1 million BitBTC represents 1 Bitcoin (BTC).
The BitBTC bridge bug was highlighted by Lee Bousfield, technical manager of the L2 Abirtrum network, in an October 18 Twitter post, warning that "BitBTC's Optimism bridge is extremely vulnerable".
Bousfield said he posted the Tweet because "the team ignored my posts, so I'll post the critical exploit here".
BitBTC's Optimism bridge is trivially vulnerable. Their team ignored my messages, so I will post the critical exploit here. https://t.co/onyN9SzBjt
— Lee Bousfield (@PlasmaPower0) October 18, 2022According to Bousfield, the BitBTC bridge had a bug that allowed an attacker to create fake tokens on one side of the bridge and exchange them for real ones on the other.
"The L2 Optimism side of the bridge allows you to withdraw any token, and it lets that token choose the L1Token address passed to the L1 side of the bridge. However, the L1 bridge has no idea what the token was. L2, and just go ahead and hit the arbitrary L1 token!" he wrote, adding that:
“This means that an attacker could deploy their own token on Optimism, give it...
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
