According to the statement made by Arbitrum, the company paid 400 Ethereum (ETH) to a white hat hacker who found the vulnerability in the bridge algorithms and reported it to them.
Found the vulnerability in an algorithm that bridges the Arbitrum Nitro and Ethereum networks. 0xriptide user codenamed company itself 400 Ethereum (approximately $520,000) announced that he had sent a bounty. white hat hackerAfter discovering the vulnerability and reporting it to Arbitrum, the erroneous code was fixed. Approximately $250 million The vulnerability, which was at risk of a cyber attack, thus came back from the brink of a major disaster without any problems.
0xriptide user who received the award made the following statements:
Whenever you come across an uninitialized address variable in Solidity, you should always take a moment and investigate further. Otherwise, you never know whether it was started intentionally or accidentally. As a bounty hunter, I’m obviously only focused on looking for vulnerabilities in smart contracts written in Solidity.
Vulnerability detected by 0xriptide; a hacker can set his own address as a hyperlink, where you can imitate the original contractIt revealed that it can steal all incoming ETH deposits from i and Etheruem to Arbitrum Nitro. If this vulnerability were discovered by a malicious person, 1,000 to 5,000 ETH in a 24-hour timeframe Cryptocurrency could be stolen.