Ronin Network Exploit: 'White Hats' Return $12M After Crypto Community Erupts Over Breach

Ronin announces exploit

Ronin revealed that 4,000 $ETH and two million $USDC tokens were withdrawn from the Ronin bridge Tuesday. "Today's bridge upgrade, after being deployed through the governance process, introduced an issue leading the bridge to misinterpret the required bridge operators vote threshold to withdraw funds," the Ethereum Virtual Machine (EVM) compatible network said of the exploit.

It said that "white-hats" informed them about the potential exploit, resulting in the bridge being paused about 40 minutes after the first on-chain activity was spotted.

"We are currently negotiating with the actors, who appear to be acting as white-hats and have responded in good faith," it said, adding that all user funds are safe and should there be any shortfalls, the funds will be re-deposited into the bridge once it is back in operation.

Actors return funds

Ronin said a few hours after the exploit announcement that the entire $12 million in pilfered funds had been returned. "We thank the white hats for their vigilance and integrity. The Bug Bounty Program will reward the white hats with a 500 K bounty," it said.

On further steps to prevent another exploit, Ronin said the bridge will undergo an audit before reopening and the bridge will be shifted away from the network's current structure.

Crypto users raise issue about white hats

Despite the security incident's resolution and the return of all withdrawn funds, some cryptocurrency users questioned the supposed white hat process. "How are they whitehats if you have to negotiate?" one user asked, adding that white hat hackers should only have informed Ronin about the breach "without stealing" tokens.

As other users joined in on the debate, the user went on to reiterate his stance that the group that returned the funds were "greyhats at best" since white hats wouldn't be in the "negotiation" table unless they were hired to do so. "There has been massive reputational damage caused by acting this way and any 'negotiation' is holding the project hostage," he insisted.

Another user argued that it took the white hats "too long" to return the funds if they truly were white hat hackers, as Ronin said.

Not the first time

Several other users floated the theory of a "self hack," something the crypto industry has seen in some exploits over the years.

Aside from the notion that it could have been an "insider" job, many users pointed out that it wasn't the first time the Ronin network was hacked. One user asked how many more times the blockchain should be exploited before the team learns. The Ronin bridge was hacked in March 2022, as per auditing firm QuillAudits. At the time, the blockchain lost a whopping $600 million.