back to article How a crypto bridge bug led to a $200m 'decentralized crowd looting'

Cryptocurrency bridge service Nomad, which describes itself as "an optimistic interoperability protocol that enables secure cross-chain communication," has been drained of tokens notionally worth $190.7 million if exchanged for US dollars. "We are working around the clock to address the situation and have notified law …

  1. Anonymous Coward

    There're kidding, right?

    "However, the Nomad team apparently initialized the trusted root with the value 0x00, which had the effect of validating every message."

    This makes Homer Simpson look competent.

    They not only didn't understand the security audit findings or the recommendations, they didn't understand the Merkle Tree at all. And they found the one value that broke the Merkle Root.

    Since bridges exist primarily for money laundering, I'm just hoping the whole thing crashes and burns.

    P.S. Where did the Clueless icon go?

    1. Wanting more

      Re: There're kidding, right?

      Yes everyone knows it should of been 0xFF instead

  2. Ace2 Silver badge

    "We believe the Nomad team has misunderstood the issue."

    Ha ha ha.

    “Have notified law enforcement”

    Like all cryptidiots, regulations and laws and government are bad and should be avoided, until you need them to help get your loot back.

    1. Anonymous Coward
      Anonymous Coward

      The thing I don't get, is that the big thing about "smart contracts" is they are supposed to be code that has the full force of a legal contract. So, while this may not be what the author intended, it is allowed by the contract.

      So why would the police or court be involved? No money was stolen, it was just taken legally by people who followed the letter of the contract which allowed them to do that.

      1. Michael Wojcik Silver badge

        the big thing about "smart contracts" is they are supposed to be code that has the full force of a legal contract

        "Supposed" by whom? I don't believe I've ever seen that claim even by smart-contract enthusiasts. It's hard for something to have the full force of law when it's not recognized by the law.

        Smart contracts aren't contracts under any sensible definition of the term.

        But that said, I agree that it's not immediately obvious what law or contractual arrangement might have been broken here, so it's not clear to me what criminal or civil action would be available, even if the perpetrators could be identified. Maybe something under the rather sweeping and arbitrary computer-misuse statutes that legislatures have pumped out, since violations of those are pretty subjective. Maybe a terms-of-license violation, if there's also a license agreement that attaches somehow. Eventually there's likely to be some tax-code violation, unless the perps report the income properly in their jurisdictions.

      2. JimboSmith Silver badge

        Wasn’t there an incident where there were gambling terminals that allowed you to bet on a foreign country’s weekend soccer games. The local community included many expats/migrant workers from this country hence why that country was chosen. These machines were uploaded with the games each week and then hopeful punters could bet on the outcome of these games for fixed odds. These games were normally played on a Sunday and these machines were popular with their target market.

        However one week and it may well have been the final weekend of the season, the games were all played on the Saturday instead. The gambling company stupidly hadn’t updated the closing time and day for the bets to be placed. Therefore people found they could place bets after the games on Saturday had finished and the result known. You couldn’t lose unless you were particularly thick or fat fingered. The punters didn’t receive their winnings though because surprise surprise the betting firm refused to pay up. Their argument was something like; you can’t bet on an event that’s already happened.

        Can’t remember the full details of the thing and whether they eventually got paid out. My Google Fu is also failing me.

        1. Anonymous Coward
          Anonymous Coward

          That is true, but its true because betting is a regulated industry with many laws about what the betting companies can and cannot take bets on and their responsibilities. One of those laws is that you can't take a bet on an event that has already happened.

          DeFi proponents cite its lack of regulation as an advantage - but its that lack of regulation that means (in the absence of any legal ruling stating different) that the "smart contract" is the only contract. Many countries have taken the position that digital currencies, NFTs etc are items that can be owned and, so in effect, are regulating them as property. That undermines the argument of DeFi proponents that they don't need governments or regulations as smart contracts do away with the need for that, but does marginally help the people who lose money in such situations, assuming the thieves are in a legal jurisdiction in which they are reachable by those who wish to pursue them via courts for property theft.

  3. Snowy Silver badge

    Broken bridge

    Yet another broken bridge use to steal funds...

  4. Gene Cash Silver badge


    That's like the stackoverflow comments to "fix" my TLS certificate code by making it accept every certificate, because no-one knows how to make a valid pair of certificates (where "working" == "doesn't generate errors")

    1. Michael Wojcik Silver badge

      Re: Heh

      To be fair, X.509 and PKIX (and related standards like the CA/BF BR) are nearly as fraught with poor design decisions and implementation problems as smart contracts are. Unfortunately there's nothing better that's also standardized and widely used.

  5. Anonymous Coward
    Anonymous Coward

    "All you had to do was find a transaction that worked, find/replace the other person's address with yours, and then re-broadcast it."

    So the Web3.0 equivalent of changing a url parameter in moveMoney?sourceAccount=123456&destAccount=7890123 service?

    The world has never seen genuines of this ilk before.

  6. Anonymous Coward
    Anonymous Coward

    I propose a change to the nomenclature

    “Crypto” to be replaced by “Scampto”

    1. Jedit Silver badge

      Re: I propose a change to the nomenclature

      No, they're definitely still crying and will cry more.

      I would, however, like to pose the question: at this point, is there any cryptocurrency left that hasn't been stolen>

  7. anothercynic Silver badge

    *points at icon*

    There's nothing left to say.

  8. sebacoustic

    > ...trace and recover the funds.

    No-mad, just ge-even

  9. Steve E-G

    In keeping with its self-applied descriptor "optimistic," the crypto biz has thanked "our many white hat friends who acted proactively and are safeguarding funds."

    The next time my local bank is being turned over I might just pop in and grab a bag full of cash, if anyone asks I'm just being proactive and safeguarding funds.

  10. Doctor Syntax Silver badge


    That just confirms my view that these people have peculiar ideas about numbers.

    1. Mike 137 Silver badge


      A 2555 day year? Not on any planet in this solar system, so they're clearly on another planet altogether.

      Or maybe it's just that their brains aren't working.

    2. fajensen

      American work culture?

  11. Howard Sway Silver badge

    an optimistic interoperability protocol that enables secure cross-chain communication

    Ah yes. our good old friend "Optimistic Security". As seen in practice by their refusal to do basic input validation. "We're optimistic that they'll provide a non-zero value, especially as we've used a zero value as our effective root certificate...... nobody will ever notice that, and if they do they won't misuse it, and if they do misuse it they'll only be doing so to keep the money safe, and if they buy themselves a big house with the money they're keeping safe, they're only investing it to keep its value so they can later sell the house and give us the money back..... "

    Blockchain crypto is just a chain of delusions of value, with a root certificate of zero value.

  12. Mike 137 Silver badge

    "insufficiently validated code appears to reside within the process() function"

    Where, and in what application these days, does insufficiently valdiated code not appear? It's clearly "the way forward".

  13. Mojave Green

    It's not really stealing when you leave your "money" lying around for someone else to pick up.

  14. Anonymous Coward
    Anonymous Coward

    Code is law

    Nothing to investigate, no problem to resolve, it was designed this way

  15. Herring`

    Yeah, it's easy to mock the crypto people

    But in case you hadn't noticed, they have been putting serious money into advertising. Advertising to people who cannot afford to lose these sums of money.

    At least you could plant a tulip bulb and have a flower.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like