BlockBriefly
Ethereum Layer 2 Scroll Delays Finalization Following Rho Markets Breach
July 19, 2024

Ethereum Layer 2 Scroll Delays Finalization Following Rho Markets Breach

By: Eva Baxter

Ethereum's layer-2 network Scroll has delayed its chain finalization in response to a potentially exploitable bug within its ecosystem. On July 19, Rho Markets, a lending protocol operating on the blockchain, detected unusual activity and suspended operations for an investigation. Blockchain security firm Cyvers Alert reported that approximately $7.6 million was hacked from Rho Markets' USDC and USDT pools. The firm pointed to an exploit related to oracle access control by a malicious actor.

According to DeBank's dashboard, the exploiter's wallet holds 2,203 ETH worth $7.5 million along with other assets like Mantle's MNT, Binance's BNB, and Fantom's FTM tokens. Scroll Network stated that it was delaying chain finalization to thoroughly assess the situation after verifying with the Rho Markets team. They confirmed the exploit was application-specific and initiated a coordinated response.

Scroll's decision to delay finalization has sparked a debate about the network's decentralization. While some critics argue that the delay contradicts decentralized principles, supporters believe the move was necessary to protect users' assets. Andy, the co-founder of The Rollup, stated, "Until things are close to being maximally decentralized, I think pausing state finalization to prevent user funds being lost is right. Especially for an ecosystem project trying to innovate. However, I don’t know what this says about Scroll’s censorship resistance."

Meanwhile, there is speculation that the attacker may be a whitehat hacker. On-chain messages indicate the attacker's willingness to return the stolen funds, suggesting the incident might be a whitehat act. Blockchain investigator ZachXBT revealed a message from the attacker acknowledging the misconfiguration and expressing willingness to return the funds while demanding Rho Markets admit the issue and explain preventive measures. On-chain data shows the attacker's address is linked to several centralized crypto exchanges, including Binance, Gate, KuCoin, and OKX.

In light of the developments, the Ethereum DeFi platform managed to recover the $7.6 million after complying with the exploiter’s demands, demonstrating a significant step towards resolving the issue and mitigating its impact on the affected users.

Latest News

Learn Concept: zk-SNARKs - The Backbone of Blockchain Privacy
Nov. 17, 2024
Learn Concept: zk-SNARKs - The Backbone of Blockchain Privacy
Crypto News Biweekly Roundup: Bitcoin Surges, SEC Actions, and Election Impact
Nov. 16, 2024
Crypto News Biweekly Roundup: Bitcoin Surges, SEC Actions, and Election Impact
Understanding Asset Tokenization with Tether's Hadron Platform
Nov. 16, 2024
Understanding Asset Tokenization with Tether's Hadron Platform
Dogecoin Investors Withdraw Lawsuit Against Elon Musk
Nov. 15, 2024
Dogecoin Investors Withdraw Lawsuit Against Elon Musk
Get In Touch

[email protected]

Follow Us
News Directory
Past Market Trends

© BlockBriefly. All Rights Reserved.