BNB Smart Chain executes hard fork to fix $100m exploit

The upgrade was meant to secure the cross-chain infrastructure between BSC and BNB Beacon Chain following the last week $100 million hack.

A hundred-dollar bill lies in a white plate next to blood-like soy sauce with the fork on tablecloth.

A hard fork dubbed Moran went through successfully at 4 am ET on October 12 at a block height of 22,107,423 in the aftermath of an exploit that drained an estimated $100 million from the platform. “This release is a temporary urgent patch to mitigate the cross-chain infrastructure between Beacon Chain and Smart Chain so that the cross-chain can be re-enabled back. It is a hardfork release for both testnet and mainnet,” the GitHub post said.

The changes introduced are relatively modest and primarily aimed at recovering and securing a Token Hub bridge whose critical vulnerability allowed the hacker to mint two million BNB out of thin air. While the hard fork didn’t affect regular users, node operators were required to undergo the upgrade procedure that included halting the running node and replacing the old binary with the new code.

As a result of the upgrade, all the funds stuck in cross-chain transfers either arrived in the target wallets or got refunded back to the source, BSC Chief Scientist V announced on Twitter. Transfers between BNB Beacon Chain and BNB Smart Chain were resumed and are processed as usual.

In the following weeks, BNB devs plan to work on upgrading the underlying cross-chain proof verification with another library. More security-related measures for cross-chain will be introduced as well, plus there will be a new governance model for the relayer structures, V added.

Read also: BNB Price Prediction 2023. Should I buy BNB?

In addition to the Moran upgrade, the BNB team also issued a postmortem regarding October 6 hack. The announcement confirmed the bug in the cross-chain bridge as the root cause of the exploit and addressed community concerns about the network’s degree of decentralization.

Read also: TUSD Joins BNB Chain: Announcing a New Native Token Integration

“First and foremost, this problem was limited to BNB Smart Chain (BSC), and further limited to the native BNB Chain bridge, BSC Token hub, which is part of the “bridge” between BNB Beacon Chain and BNB Smart Chain. The attacker had forged a proof within the bridge, exploiting a bug that verifies legitimate proofs,” devs explained, adding that the blockchain itself was not compromised and no users were affected.

The abrupt halt of the network on October 6 has raised many questions about who dictates the rules of the BNB Chain. Feeling compelled to address criticism, BNB devs acknowledged that ‘coordinated response’ and decentralization don’t usually go hand in hand. The statement also mentions the Nakamoto coefficient of the BNB Chain, which has been consistently eight throughout the last year, meaning that the network is less decentralized than Ethereum.

“BNB Chain core developers do not see decentralization as black and white. There is an understanding that decentralization is a journey we are on since the very beginning, and we continue to become more and more decentralized as we progress.”