Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The Ronin Bridge project experienced unusual cross-chain asset withdrawals, suggesting a potential attack. According to the SlowMist security team, the vulnerability was caused by the modification of weight to an unexpected value, allowing funds to be withdrawn without passing any multi-signature threshold checks. The attacker extracted approximately 4,000 ETH and 2 million USDC from the bridge, amounting to a value of around $12 million. As of August 7th, white hats have returned $12 million worth of assets and received a $500,000 bug bounty. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 12,000,000.
- chain
- —
- protocol
- Ronin
- bug_class
- logic
- date_occurred
- 2024-08-06
- loss_usd
- $12,000,000
- source_id
- sm:ronin::2024-08-06