Pic: Rommel Gonzalez / EyeEm / EyeEm via Getty Images
Axie Infinity developer Sky Mavis promises to reimburse players following US$600m hack
Coinhead
share
Sky Mavis, the company behind popular play-to-earn game Axie Infinity, has said it will reimburse players after hackers stole more than US$600 million from the Ronin blockchain it’s built on.
Just a recap on the exploit first, though…
This week, it’s been revealed that a hacker or hackers have perpetrated what’s being called the largest exploit in DeFi history. It’s certainly the biggest GameFi-related hack so far. Reports vary, but some actually have the stolen-funds figure at closer to US$625 million.
Whoever the attacker was, they were able to find a back entrance into a Ronin node – through a critical blockchain bridge. Ronin (ticker: RON) is an Ethereum-linked “sidechain” developed by Axie Infinity creator Sky Mavis.
The attackers then used hacked private keys to create the withdrawals, draining 173,600 ETH and US$25.5 million in USDC.
A blockchain bridge, by the way, allows holders of assets on one blockchain to swap out their tokens for equivalent assets on other chains. Useful, certainly, but they have their critics, including Ethereum founder Vitalik Buterin, who recently pointed to their security vulnerabilities, adding that “the future will be multi-chain, but it will not be cross-chain”.
My argument for why the future will be *multi-chain*, but it will not be *cross-chain*: there are fundamental limits to the security of bridges that hop across multiple "zones of sovereignty". From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b
— vitalik.eth (@VitalikButerin) January 7, 2022
At the time of writing, the Axie Infinity governance token (AXS) is holding up remarkably well in the wake of the exploit. It’s currently up 1% over the past 24 hours, and even +14% over the past seven days.
Axie’s in-game currency, Smooth Love Potion (SLP) has recovered 3.6% over the past day, however, it’s still down about 6% on the weekly timeframe.
The Ronin blockchain’s native token RON, has been the hardest-hit Axie-related token and is down about 11% over the past week.
Sky Mavis’s pledge to recover and reimburse
Amid what Sky Mavis Chief Operating Officer Aleksander Leonard Larsen has described as “an intense 36 hours”, the company has confirmed to Bloomberg it will be reimbursing affected Axie Infinity users.
“We are fully committed to reimbursing our players as soon as possible,” wrote Larsen to Bloomberg via text message. “We’re still working on a solution, that is an ongoing discussion.”
Larsen also wrote in a Twitter thread that Sky Mavis is conducting a “deep forensics review to ensure there is no lingering threat”, adding:
“This was a social engineering attack combined with a human error from December 2021. @SkyMavisHQ tech is solid and we will be adding several new validators to @Ronin_Network shortly to further decentralize the network.”
1/4 @Ronin_Network update
Been an intense 36 hours
Been working with the Sky Mavis board and key cybersecurity personnel to get a complete overview of the situation
Our internal network is currently going through a deep forensics review to ensure there is no lingering threat
— Psycheout – Aleksander | Axie Infinity (@Psycheout86) March 30, 2022
3/4
We are committed to ensuring that all of the drained funds are recovered or reimbursed, and we are continuing conversations with our stakeholders to determine the best course of action.
— Psycheout – Aleksander | Axie Infinity (@Psycheout86) March 30, 2022
Meanwhile, Axie Infinity is moving ahead with its big battle/gameplay upgrade it’s dubbed Axie Infinity: Origin. It’s kicking of a week of events and, er, “leeks” from April 7. Trailer further below…
1/ Origin Launch Week starts now!
We have a full schedule of leeks & events planned over the next seven days, culminating with the alpha launch of Axie Infinity: Origin on April 7th!
Full article 👇https://t.co/ARiol8YC5I
— Axie Infinity🦇🔊 (@AxieInfinity) March 31, 2022
