What does Binance Chain being temporarily suspended mean for you and what comes next? Read on to find out.
Transactions on the BNB chain, also known as Binance Smart Chain (BSC), have been temporarily suspended today. This was after researchers and network participants noticed unusual activity coming from a whale wallet holding more than $500M worth of BNB. The Binance validator community took coordinated action to halt the chain at around 9:35 PM EDT as a first measure toward containing the incident.
What first started as a temporary pause of the network, later developed into a full-on suspension after security researchers noticed unusual on-chain activity coming from a unique source. In short, it seems that a hacker was able to trick the Binance Bridge into releasing a total of 2 million BNB tokens, worth more than $500M at the time of writing. The hacker then proceeded to swap and borrow a variety of crypto assets using the exploited funds until the hack was discovered and the chain was halted. Tether also proactively blacklisted the USDT address associated with the hacker.
Changpeng Zhao, the CEO of Binance, was quick to react and inform the public of what is happening, and what the company is doing to resolve the problem.
The cross-chain bridge functions similarly to other blockchain bridges: It helps users wrap native Binance chain tokens for use outside of their native chain. So, the practical approach would be that a user deposits the desired amount of BNB on the bridge in exchange for a wrapped version of the token that can be used on other chains. Blockchain bridges have shown to be exceptionally vulnerable, with 3 bridges from 3 different blockchain networks having been exploited for huge amounts in 2022 alone.
How The Incident Was Handled
Knowing that the hacker was attempting to take the exploited funds off the chain, network participants and other third-party security partners have taken swift and decisive action to halt the chain, practically stopping the hacker from making any further malicious transactions on the network. This was highly convenient for preventing any further damage, but a large portion of the crypto community saw this as an obvious breach of immutability and decentralization, two defining features of a blockchain network.
The topic of chain centralisation is a recurrent divisive topic in the crypto community: The spotlight is on the risks of centralisation in Proof-of-Stake consensus, which stems from hosting validator nodes on centralized cloud services in the aftermath of the Ethereum Merge.
What’s the Damage
CZ stated that user funds will remain intact, mentioning that the exploit resulted in “Extra BNB.” With a few hours of downtime and a slight dip in the price of BNB, we can argue that the damage was relatively limited.
Zhao further explained that the total amount of ~$100M worth of tokens that the hacker managed to take out before the incident was contained makes up around a quarter of the last BNB token burn. $7M of the total has already been frozen with the help of the network’s internal and external security partners, according to an official BNB chain Reddit post.
BNB chain team has swiftly worked out a hotfix and a hard fork release. This aims to stop the hacker accounts from making transactions by blacklisting associated addresses and disabling cross-chain transactions between the BNB beacon chain and BNB smart chain, right where the affected bridge is. BSC node runners are expected to update their clients to the latest BSC v1.1.5 Github release.
While the BNB chain has reportedly been running well since the fresh network upgrade, some users have reported that transactions are still struggling to be executed. However, things will most likely improve as more and more nodes update to the latest network state.