<img src="https://cryptoslate.com/wp-content/uploads/2024/07/ethereum-scroll.jpg" />
Ethereum's layer-2 network Scroll has delayed the finalization of its chain due to a potentially exploitable bug within its ecosystem.
On July 19, Rho Markets, a blockchain lending protocol, <a href="https://x.com/RhoMarketsHQ/status/1814250369637294258?t=kYcbKUgj2VOQCp6hBYNlBg&s=19">detected</a> unusual activity and suspended operations for investigation.
An alert from blockchain security firm Cyvers <a href="https://x.com/CyversAlerts/status/1814278802039562640?t=v_XOeedX-_2v8N7qYU-56Q&s=19">reported</a> a hack worth approximately $7.6 million on Rho Markets’ USDC and USDT pools. The company stated:
“The root cause of this incident appears to be an access control to the oracle by a malicious actor!”
According to the DeBank dashboard, the exploiter’s wallet contains 2,203 ETH worth $7.5 million and other assets including Mantle’s MNT, Binance’s BNB, and Fantom’s FTM tokens.
In response, Scroll stated that it was delaying the finalization of its chain. The project stated:
“After checking with the Rho Markets team, we initiated a coordinated response. To fully assess the situation, Scroll decided to temporarily delay the chain termination. We confirmed that the exploit was application-specific.”
Meanwhile, Scroll's decision sparked a debate about the network's decentralization. Critics argue that delaying the chain <a href="https://x.com/DBCrypt0/status/1814282427680104899">contradicts decentralized principles</a>, while supporters believe the measure was necessary to protect users' assets.
Andy, the co-founder of The Rollup, <a href="https://x.com/ayyyeandy/status/1814296594759508340">stated</a>:
“Until things are close to being as decentralized as possible, I think it’s right to pause state finalization to prevent user funds from being lost. Especially in an ecosystem project that is trying to innovate. I don’t know what this says about Scroll’s resistance to censorship, though.”
White hat hacker?
Meanwhile, the attacker appears willing to return the stolen funds, leading to speculation that the incident could be a white hat act.
On-chain messages shared by blockchain researcher ZachXBT show the attacker's willingness to return the funds. The message <a href="https://x.com/zachxbt/status/1814286415347544211">read</a>:
“Hi RHO team, our MEV bot benefited from the misconfiguration of your price oracle. We understand that the funds belong to the users and we are willing to return them in full. But first, we would like you to admit that it was a misconfiguration, not an exploit or hack. Also, please explain how you will prevent this from happening again.”
Notably, on-chain data shows that the attacker's address is linked to several centralized cryptocurrency exchanges, including Binance, Gate, KuCoin, and OKX.