Sky Mavis, the developer behind the play-to-earn video game Axie Infinity said that it's preparing to re-open the Ronin bridge that fell victim to a $552 million hack in March.
The re-opening of the Ronin bridge, which was used by players to transfer assets between the Ronin chain and the Ethereum network, is planned on June 28th, “with all user funds returned,” according to the latest community update.
The team also said that a hard fork will be required for the re-launch of the bridge, which means that all node operators will be required to update their software.
Node operators that act as validators on the network have already been informed what steps they need to take, whereas the non-validator nodes will need to follow specific instructions shared by the developers.
• We plan on re-opening the Ronin Bridge on June 28th, with all user funds returned.
• Re-opening will require on a Ronin hard-fork which requires all validators to update their software.
• Validators have been informed regarding next steps to upgrade their validating node.
— Ronin (@Ronin_Network) June 23, 2022
The Ronin hack
The Ronin bridge exploit at the end of March was one of the largest in the world of crypto, with the hacker making away with an estimated $552 million in Ethereum and USDC (based on their value at the time of the hack) being drained from the protocol.
The attacker reportedly used stolen private keys to sign transactions from five of the nine validator nodes on the network, including four of Sky Mavis’ own validators.
Earlier this week Sky Mavis announced that the re-designed Ronin bridge had passed an audit from the crypto security firm Certik, coming back “with minor suggestions.”
“We are implementing Certik’s improvement recommendations and will begin to deploy the validator Governance Smart Contract,” Ronin said on Tuesday.
Following the incident, Sky Mavis has pledged to either recover or reimburse the stolen user funds.
The company raised $150 million in fresh funding in April to aid the process. Crypto exchange Binance led the fundraise, with participation from Animoca Brands, Andreessen Horowitz, Paradigm, and others.
The developers also launched a $1 million bug bounty program to “encourage responsible disclosure of security vulnerabilities.”
Some of the funds stolen in the attack—around $7 million in ETH—were subsequently sent to the cryptocurrency mixing service Tornado Cash, with the U.S. Treasury identifying three additional wallet addresses—allegedly tied to North Korea’s Lazarus hacking group—that were related to the attack in April.
Several cross-chain bridges have fallen victim to exploits in recent months; in February, a hacker stole $320 million from the Wormhole bridge between Solana and Ethereum, while just this morning Harmony's Horizon bridge was hacked for $100 million.