The incident in question, courtesy of @RektHQ.
TLDR: The EVM relies on smart contract developers to implement all token logic and validations. A hacker can interact with that logic and exploit the smallest of mistakes to mint tokens for themselves. On Radix, the platform natively understands when a specific token has been deposited. With this, Scrypto developers can trigger the minting of new tokens to happen only after “Radix Engine” has validated that the correct original tokens have been deposited. This kind of hack is therefore not possible on Radix.
Qubit Finance allows for lending and borrowing on Binance Smart Chain (BSC). One of its features was the X-Bridge, which allowed users to deposit Wrapped ETH (wETH) on Ethereum and mint a representation of that wETH on BSC, qXETH, for use in BSC’s DeFi ecosystem.
For its bridge, the relevant Qubit Finance smart contract on Ethereum has a number of validation rules in place to ensure that it signs a message to its equivalent contract on BSC to mint an equal amount of qXETH only when wETH has been deposited.
On 27 Jan 2022, a hacker created a contract that fed Qubit on Eth a specific sequence of data. This tricked Qubit on Eth’s validation rules into signing a message to its BSC counterpart to mint 77,162 qXETH, despite not receiving any wETH. The qXETH was sold for $80m.
So why couldn’t this hack have happened if it had leveraged Scrypto and Radix Engine v2, instead of Solidity and the EVM? (Scrypto and Radix Engine v2 are scheduled to go live as part of Radix’s upcoming Babylon release.)
The answer is that tokens on Radix are transferred via native function calls of the Radix platform, and the rules surrounding them are inherently understood by the system.
If the bridge had been on Radix, the smart contract logic to mint qXETH would only be triggered after the Radix platform had confirmed that real wETH had been deposited. There is no such thing as bypassing the smart contract’s validations, as they don’t exist.
It’s not possible to feed the “Qubit” on Radix smart contract with fake data as there isn’t an interface for that. As per the diagram above, the mint can only be triggered on Network 2 after real wETH has been received into “Qubit’s” vault on Network 1.
This leaves the hacker with only one option - attempt to deposit a massive amount of real wETH into the “Qubit” on Radix vault. But of course, as they don’t have that wETH, the transaction is immediately rejected.
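The difference described above, as an added example in plain Rust (not Scrypto, not Qubit's contract code, and not a reproduction of the data used in the incident): one deposit handler signs a mint for whatever amount the request claims, the other derives the mint amount from the vault's observed balance change. The `Ledger`, `MintMessage`, `deposit_trusting` and `deposit_verified` names and the account names are hypothetical.

```rust
use std::collections::HashMap;

// Constructed toy ledger for a wrapped token (hypothetical, not a real token contract).
struct Ledger { balances: HashMap<String, u64> }

impl Ledger {
    fn balance(&self, who: &str) -> u64 { *self.balances.get(who).unwrap_or(&0) }
    // Moves tokens only if `from` really holds them; returns false otherwise.
    fn transfer(&mut self, from: &str, to: &str, amount: u64) -> bool {
        if self.balance(from) < amount { return false; }
        *self.balances.entry(from.to_string()).or_insert(0) -= amount;
        *self.balances.entry(to.to_string()).or_insert(0) += amount;
        true
    }
}

// Mint instruction the source-chain side would sign for the destination chain.
#[derive(Debug, PartialEq)]
struct MintMessage { recipient: String, amount: u64 }

// Weak pattern: checks the request's shape, then signs for the amount the caller claims.
fn deposit_trusting(claimed: u64, user: &str) -> Option<MintMessage> {
    if claimed == 0 { return None; } // no proof that any tokens actually moved
    Some(MintMessage { recipient: user.to_string(), amount: claimed })
}

// Hardened pattern: the mint amount comes from the vault's measured balance change.
fn deposit_verified(ledger: &mut Ledger, vault: &str, user: &str, amount: u64) -> Option<MintMessage> {
    let before = ledger.balance(vault);
    if !ledger.transfer(user, vault, amount) { return None; } // deposit rejected
    let received = ledger.balance(vault) - before;
    if received == 0 { return None; } // nothing arrived, nothing to mint
    Some(MintMessage { recipient: user.to_string(), amount: received })
}

fn main() {
    // Constructed scenario: "alice" holds 5 tokens, "mallory" holds none.
    let mut ledger = Ledger { balances: HashMap::from([("alice".to_string(), 5u64)]) };
    println!("{:?}", deposit_trusting(77_162, "mallory")); // mint signed with no deposit
    println!("{:?}", deposit_verified(&mut ledger, "vault", "mallory", 77_162)); // None
    println!("{:?}", deposit_verified(&mut ledger, "vault", "alice", 5)); // mint for 5
}
```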
As a final note, the Qubit smart contracts had been audited by Theori in Dec 2021, just a month before the exploit. This reinforces the notion that developing in Solidity and the EVM is so unintuitive that even auditors can’t spot all vulnerabilities. Audit report: https://github.com/PancakeBunny-finance/qubit-finance/blob/master/audits/mound_qubit_xChain_audit_rev1.1.pdf
If you’d like to learn more about Radix Engine and how it makes DeFi and your tokens on Radix far more secure, you may enjoy our blog on the Radix Engine v2.
In case you missed it: Rekt Retweet #2 - Why the $120 million @BadgerDAO hack in December 2021 on #Ethereum could NEVER happen on #Radix.