Ethereum Layer 2 community Scroll has delayed the finalization of its chain attributable to a probably exploitable bug within the ecosystem.
On July 19, Rho Markets, a blockchain lending protocol, detected uncommon exercise and suspended operations for an investigation.
Blockchain safety agency Cybers Alert reported that Rho Markets' USDC and USDT swimming pools have been hacked for about $7.6 million. The corporate said:
“The foundation reason for this incident seems to be oracle entry management compromised by malicious actors!”
In response to DeBank's dashboard, the attacker's pockets holds 2,203 ETH, price $7.5 million, in addition to different belongings together with Mantle's MNT, Binance's BNB and Fantom's FTM tokens.
In response, Scroll Community mentioned it was delaying the completion of the chain. The undertaking said:
“After checking with the Rho Markets staff, we initiated a coordinated response. Scroll has determined to quickly postpone finalizing the chain as a way to completely assess the scenario. We’ve got confirmed that the exploit is application-specific.”
In the meantime, Scroll’s choice has sparked a debate concerning the community’s decentralization: critics declare that chain delays go towards the ideas of decentralization, whereas supporters consider the transfer was crucial to guard customers’ belongings.
Andy, co-founder of The Rollup, mentioned:
“I feel it's proper to pause state finalization till issues are as decentralized as doable to stop customers' funds from being misplaced, particularly for ecosystem tasks which are making an attempt to innovate. I'm undecided what this implies about Scroll's censorship-resistance, although.”
White hat hacker?
Nevertheless, the attackers have indicated their intention to return the stolen funds, sparking hypothesis that the incident could be the work of white hats.
An on-chain message shared by blockchain analysis agency ZachXBT signifies the attackers are prepared to return the funds. The message reads as follows:
“Hey RHO staff. Our MEV bot profited from a misconfigured worth oracle. We perceive that the funds belong to you and intend to refund them in full. Nevertheless, we wish you to first acknowledge that this was a misconfiguration and never an exploit or hack, and clarify how we are able to forestall this from occurring sooner or later.”
Notably, on-chain knowledge exhibits the attacker's addresses are linked to a number of centralized cryptocurrency exchanges, together with Binance, Gate, KuCoin, and OKX.
