Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
The Nomad Bridge, a cross-chain interoperability protocol, was attacked by hackers. This attack was due to the fact that the trusted root of the Nomad Bridge Replica contract was set to 0x0 during initialization, and the old root was not invalidated when the trusted root was modified. Constructing arbitrary messages to steal funds from the bridge, the attacker was able to extract over $190 million in value from the attack. So far, more than 40 addresses have returned over $36 million to Nomad. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 154,000,000.
- chain
- —
- protocol
- Nomad
- bug_class
- logic
- date_occurred
- 2022-08-02
- loss_usd
- $154,000,000
- source_id
- sm:nomad::2022-08-02