Arbitrum Rewards White Hat Hacker For Detecting Vulnerability

Last Updated:
  • Arbitrum has rewarded a white hat hacker for discovering a vulnerability in its payment code.
  • The hacker has been rewarded 400 ETH.
  • Arbitrum saw daily transactions hitting an all-time high during the month of September.

A popular Layer 2 solution for Ethereum, Arbitrum has rewarded a white hat hacker 400 ETH for discovering a vulnerability in Arbitrum’s payment code, which otherwise could have cost Arbitrum nearly $470 million.

The white hat hacker, who goes by the name Riptide, wrote on Twitter:

Riptide, who discovers vulnerabilities within smart contracts, said that the million-dollar vulnerability could have potentially affected anyone who wanted to exchange funds from Ethereum to Arbitrum Nitro.

After discovering the vulnerability, the hacker chose to report it and ask for a reward. In return, they asked for 400 ETH, which is nearly $540,000, whereas Arbitrum offered a $2 million reward as its maximum tier.

In August, Arbitrum went through a major update. Riptide thoroughly scanned the Arbitrum Nitro code a few weeks before the release. While doing so, the hacker found a vulnerability where the bridging contract was able to accept deposits, even though the contract was initialized previously.

Riptide further commented:

A client can send a message to the sequencer by signing and publishing an L1 transaction in the Arbitrum chain’s Delayed Inbox. This functionality is most commonly used for depositing ETH or tokens via a bridge.

Nonetheless, Arbitrum saw its activity quadruple after the Nitro upgrade, which took place on August 31. The Layer 2 solution saw daily transactions hitting an all-time high during the month of September.

Meanwhile, OpenSea is also set to launch support for the Arbitrum layer and new NFT projects on September 21, 2022. It will support collections like Smolverse, the GMX Blueberry Club, and Diamond Pepes by dopex_io. The Arbitrum NFT support will go live today on OpenSea, where creators have been suggested to set their creator fees before any transactions occur.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.