Now the dust as has settled from last week's, jonwu.eth@jonwu_ explains in this thread, the what and how...

jonwu.eth@jonwu_ Whew. Hell of a week for systemic risk. Wormhole, a Solana cross-chain bridge, was exploited today (Feb 2nd 2022) for $325 million (120,000 $ETH). Here's what happened, why cross-chain bridges are hard, and why Vitalik's warning about cross-chain security probably doesn't apply here:

jonwu.eth@jonwu_ First, how cross-chain bridges like Wormhole work: A bridge is essentially a way to agree on the current state of two different networks. You can think of it as a cross-chain communications protocol. A blockchain-to-blockchain messaging app.

jonwu.eth@jonwu_ Say I was trying to pass a message from Ethereum to Solana. How would I do so, given they don't talk to one another? The first way would be for me to simply say to someone on Solana: "I saw something happen on Ethereum. Trust me."

jonwu.eth@jonwu_ But something something centralization, something something censorship resistance! So instead there is a *set* of trusted observers who watch smart contract activity. Each says "I saw something happen on Ethereum." Then, if they all agree, then the message is passed.

jonwu.eth@jonwu_ Bridging funds is one feature of cross-chain bridges, done via a mint-and-lock mechanism: 1) A user puts $WETH into Wormhole's Ethereum smart contract 2) Validators observe and agree that the user did so 3) Wormhole $ETH ($weETH) is minted from Wormhole's Solana smart contract

jonwu.eth@jonwu_ So what the hacker did is exploit a bug to trick Wormhole into minting them a bunch of $weETH on Solana. Like, $325 million worth.

jonwu.eth@jonwu_·2hThey bridged 2/3 of it back to Ethereum, redeeming it for $ETH from the Wormhole contract. After all, $weETH is just a paper claim on Solana. It's redeemable for $WETH locked on Ethereum, but it's ultimately secured by Wormhole.

Quote Tweet: Xohn@0revenue

"Wormhole exploited for 80k eth. Whew."


jonwu.eth@jonwu_ So where's the systemic risk? In the hour after the hack, all the paper claims on $ETH became paper claims on...nothing. Wormhole $ETH price expectedly diverged from other, more secure forms of $ETH (secured by bridges from e.g. @FTX_Official):

Quote Tweet: Steven@Dogetoshi

"Wormhole is guaranteeing a 1:1 backing. Wormhole ETH is still trading a deep discount."


jonwu.eth@jonwu_ There could have been extreme knock-on effects of assets going to 0: 1) Liquidity pools with $weETH 2) Lending protocols with $weETH collateral backing becoming undercollateralized 3) Borrowers with $weETH collateral getting liquidated.

Quote Tweet: Rhizóō ♜♜♜@rhizoo_

"wormhole wrapped eth on solana (whETH or weETH) at risk. on the DEX side raydium with the most at like 22.5m at risk looks like orca with about 19m at risk saber with about 8.5m at risk"


jonwu.eth@jonwu_ But it never happened. Wormhole for its part is making good on its $WETH backing, pledging to fill the $325 million shortfall in a matter of *hours*. $weETH is back to parity with other forms of $ETH on Solana.

Quote Tweet: @wormholecrypto

"The wormhole network was exploited for 120k wETH. ETH will be added over the next hours to ensure wETH is backed 1:1. More details to come shortly. We are working to get the network back up quickly. Thanks for your patience."

jonwu.eth@jonwu_ It wasn't even all the $ETH on Solana: Most of it is bridged and secured by @FTX_Official. Speaking of which, who covered the shortfall? Likely the market makers and exchanges who provide $weETH exit liquidity during the hack. Or:

Quote Tweet: jonwu.eth@jonwu_

"investors: where is this $325m coming from wormhole: ur mom"

jonwu.eth@jonwu_ I mean if you're Alameda what would you do: - Let Wormhole $weETH collapse and tear through Solana, destroying some protocols, hurting others badly, weeks of FUD and terrible $SOL publicity - Write the check and it blows over by tomorrow

jonwu.eth@jonwu_ So like, what next? Is the cross-chain thesis totally fucked? Is Solana a 3rd-rate blockchain? Did Vitamin's cross-chain prophecy become true?

Quote Tweet: vitalik.eth@VitalikButerin · Jan 8

"My argument for why the future will be *multi-chain*, but it will not be *cross-chain*: there are fundamental limits to the security of bridges that hop across multiple "zones of sovereignty."



jonwu.eth@jonwu_ At the end of the day, despite the size of the hack-- (and the inconvenient fact that the two largest hacks of all time on the @RektHQ leaderboard are cross-chain bridges) --this was a smart contract bug.

Quote Tweet: Georgios Konstantopoulos@gakonst

"Worth noting that criticisms against @wormholecrypto security model are quite irrelevant here. This is a smart contract bug, can happen to anything, whether it is a multisig or a rollup bridge. We need better critics as usual :)"

jonwu.eth@jonwu_ Vitalik was saying "it's a lot easier to 51% attack a bridging protocol's 19-node validator set than an L1's 30,000 nodes, and if the prize is big enough, it could happen." He didn't say that multi-chain bridges are at a greater risk of smart contract bugs than anything else.

jonwu.eth@jonwu_ "There are new security patterns that need to be learned, like it was with DAOs and Defi. And the community seems to be learning it the hard way: one hack at a time." Amen. Building is hard. These learnings will make cross-chain bridges like Wormhole better with time.

Thanks to jonwu xxx

We publish a daily dose of decentralization here every day (UTC+8), for additional daily updates follow us on Mastodon, Twitter, Telegram or Element (Matrix). Please like & share all our output. We rely on User-Generated Content so why not write for us and since we try to avoid ads and sponsorship, why not donate to help us continue our work - all major cryptos accepted. You can contact us at and at