The Finanser LogoThe Finanser Logo

Chris Skinner's blog

Shaping the future of finance

Another day, another crash, another hack

Chris Skinner Author Avatar
by

I stumbled across a tweet about Nomad, a cross-chain bridge, that had just had almost $200 million of crypto assets hacked:

The cross-chain token bridge Nomad was exploited, with attackers draining the protocol of virtually all of its funds. The total value of cryptocurrency lost to the attack totalled near $200 million. Nomad, like other cross-chain bridges, allows users to send and receive tokens between different blockchains. Monday’s attack is the latest in a string of highly-publicized incidents which have drawn the security of cross-chain bridges into question.

Like many, you scratch your head wondering what they are talking about.

Let’s start with the basics: Nomad describe themselves as “a cross-chain communication standard that enables cheap and secure transfers of tokens and data between chains”.

The key to this is that a cross-chain bridge allows interoperability between different blockchains and blockchain tokens. It is like an FX service but, in this case, it allows the exchange of information, cryptocurrency or NFTs from one blockchain network to another. It enables the flow of data and tokens across what would otherwise be siloed sets of data on different blockchains.

Cool.

In particular, a key characteristic of a cross-chain bridge is that it enables users to exchange one cryptocurrency for another without having to change it into fiat currencies first. For example, bitcoin and Ethereum are the two largest cryptocurrency networks and have vastly different rules and protocols. Through a blockchain bridge, bitcoin users can transfer their coins to Ethereum and do with them what they otherwise could not do on the bitcoin blockchain. That can include purchasing various Ethereum tokens or making low-fee payments.

So far, so good.

I could now take you down the rabbit hole of Web3 and Layer2 operations, but let’s not go there. It would take too long. Google it.

The thing is that this just reinforces the Wild West of Crypto, following the issues that Binance have with the SEC and the collapse of Celsius, a major crypto exchange.

The thing is, when I delved deeper into the tweet, it turns out that Nomad appeared to have done something really, really stupid. According to the thread from samczsun, the platform had messed up a routine upgrade, and set the exchange of token contracts to a trusted root file identifier that started with 0x00. This meant that anyone could send a request to exchange tokens with an identifier starting with 0x00 and it would be accepted.

No wonder I’m nervous of cryptocurrencies. Are you?

I guess it always comes back to my favourite quote inspired by John Oliver:

Cryptocurrencies combine everything you don’t understand about money with everything you don’t understand about computers

Caveat emptor.

Postnote: Millions drained from Solana today

Chris Skinner Author Avatar

Chris M Skinner

Chris Skinner is best known as an independent commentator on the financial markets through his blog, TheFinanser.com, as author of the bestselling book Digital Bank, and Chair of the European networking forum the Financial Services Club. He has been voted one of the most influential people in banking by The Financial Brand (as well as one of the best blogs), a FinTech Titan (Next Bank), one of the Fintech Leaders you need to follow (City AM, Deluxe and Jax Finance), as well as one of the Top 40 most influential people in financial technology by the Wall Street Journal's Financial News. To learn more click here...

Digital Transformation Programme

Learn directly from from one of the most influential people in technology, gain insights from the world's most innovative companies, and build a global network.

Top 50 Global Thought Leaders and Influencers on FinTech 2022

Chris Skinner
Commentator, CEO of The Finanser and best-selling author at The Finanser

Thinkers360 Thought Leader

Contact Me

Best Financial Services Blogger

Chris’s latest book

Chris Skinner’s ‘Digital For Good’ Book Launch Event – CFTE

Global Awards

Best CEO of the Year UK 2022

Best Digital Finance Provider of the Year UK 2022

Best Financial Markets Adviser of the Year UK 2022

Portal to the Knowledge Base of the Financial Services Club UK 2022

Financial Markets Advisor of the Year UK 2022

Corporate America Today Annual Awards

Best Financial Markets Adviser of the Year UK 2022

Portal to the Knowledge Base of the Financial Services Club UK 2022

Financial Markets Advisor of the Year UK 2022

Nominee of MAD33 2021

Kids creating the future bank | TEDxAthens

Join me on Linkedin

Follow Me on Twitter!

UK’s most influential person in technology

Captain Cake and the Candy Crew

Captain Cake Winner of a Golden Mom’s Choice Award

TWO-TIME WINNER OF A MOM’S CHOICE GOLD AWARD!

TheNextWeb – #tnw

Learn more about Chris

About Chris Skinner

Presentation at ZBP, September 2020, Warsaw, Poland

Alex at the Financial Services

Gaping Void's Hugh MacLeod worked with the Finanser