“Trivially Vulnerable” BitBTC Bridge Prevents 200 Billion Token Theft

Reading Time: 2 minutes
  • A crypto bridge has been patched a day after a 200 billion token theft was initiated
  • The exploiter managed to mint and swap 200 billion artificial coins for real BitBTC coins
  • Engineers had warned that the bridge wasn’t safe when it launched in November 2021

A cryptocurrency bridge described as “trivially vulnerable” has been patched, preventing 200 billion tokens being taken from it. The Optimism bridge supporting the privacy coin BitBTC was exploited by a hacker who took advantage of the customised nature of the bridge, allowing them to mint 200 billion fake tokens and swap them for real ones. However, after the alarm was raised by a prominent critic, the flaw was patched before the deadline and the transaction was reversed.

Critics Warned That BitBTC Was Vulnerable

The BitBTC bridge attack was similar in nature to the Binance Chain attack of two weeks ago, in which almost $541 million in tokens was taken. The attack involved the minting of fake tokens on one side of the bridge and swapping them for real ones, which critics of BitBTC had been warning for almost a year was inevitable given BitBTC’s use of a custom bridge over the standard Optimism one, which impaired its security.

One of the most prominent critics was Arbitrum tech lead Lee Bousfield, who revealed on Twitter that he had been waiting for this day ever since BitBTC’s 2021 launch:

Bousfield revealed that the way the bridge was set up meant that the BitBTC team had less than seven days to implement an upgrade or risk losing the coins. He failed to raise them privately and so resorted to Twitter to try and spread the word. Eventually the flaw was patched and the coins secured.

Project Isn’t To Be Trusted

Another Twitter user pointed out that it probably wasn’t a great idea to trust that the BitBTC team was up to the task, given that the project’s whitepaper claimed that, “The next step is BitBTC can be World Currency,” and added that the BitBTC coin “will reach $0.1” at an undetermined point in the future.

As we’ve said before, never trust a project that promises gains.