Open in app

Sign in

Write

Sign in

Analysis of Horizon bridge attack incident

Tokenview.io
3 min readJun 28, 2022

$100 million stolen from the Horizon bridge

On June 24, the Harmony team tweeted that the Horizon bridge had been attacked and the damage was estimated at $100 million.

Harmony is currently working with top blockchain tracking teams and the FBI to investigate the theft.

Horizon is an asset cross-chain bridge with Ethereum developed by Layer1 chain Harmony.

A cross-chain bridge is a technology that connects two blockchains by validating cross-chain transactions through two processes. In short, the Horizon bridge allows the free flow of assets between the two Ethereum-Harmony blockchains.

How the Horizon was stolen

About $100 million was stolen in the Horizon attack, including 11 ERC20 tokens on Ethereum and 13,100 ETH; 5,000 BNB and 640,000 BUSD on the BSC.

Hacker address:

https://eth.tokenview.com/en/address/0x0d043128146654c7683fbf30ac98d7b2285ded00

https://eth.tokenview.com/en/address/0x9e91ae672e7f7330fc6b9bab9c259bd94cd08715

https://eth.tokenview.com/en/address/0x58f4baccb411acef70a5f6dd174af7854fc48fa9

Private key disclosure address:

https://eth.tokenview.com/en/address/0xf845a7ee8477ad1fb4446651e548901a2635a915

https://eth.tokenview.com/en/address/0x812d8622c6f3c45959439e7ede3c580da06f8f25

Attacked contract MultiSigWallet:

https://eth.tokenview.com/en/address/0x715cdda5e9ad30a0ced14940f9997ee611496de6

Take the loss of 13,100 ETH in the first transaction vulnerability as an example:

1. The attacker uses address 0x812…8F25 calls the contract 0x715…6DE6 for verification.

2. A cross-chain bridge is protected by a set of verifier nodes that submit cross-chain transaction confirmations through a multi-signed contract that requires only two verifiers to allow cross-chain. It is this point that the attacker takes advantage of to finally execute a successful transaction: transferring 13,100 ETH to the attacker address 0x0d0… Ed00.

According to Tokenview data, the Horizon attacker’s address https://eth.tokenview.com/cn/address/0x0d043128146654c7683fbf30ac98d7b2285ded00 transferred 18,036 ETH (about $22 million) to the new address at 15:10:11 on June 27.

At 15:11:06, this address transfers 6,012 ETH ($7.38 million) to 0x43… 47Ae, and transfer to Tornado Cash with 100 ETH for each installment. At 19:17:40, another 6,012 ETH is transferred to 0x45… 5970, still transferred to Tornado Cash with 100 ETH for each installment.

At 23:48:52, the address transfers 6009 ETH to 0x8A… C3f4 was still transferred to Tornado Cash at 100 ETH per transaction.

At 11:58:50 on June 28, the attacker’s address forwarded 18,036 ETH to the new address (0x809D… C5e4), followed by the new address to address (0x89f… Bd8b) transfer 6,012 ETH. The current Horizon attacker address balance is 49,79.67ETH.

--

--

Tokenview.io

Written by Tokenview.io

170 Followers

Our mission is to build Freedom Safe Easy Web3/Crypto world. visit us at https://tokenview.io for General Multi-chain Explorer and Blockchain APIs entrance.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams