Dogechain halted transactions later this week after developers discovered a serious bug in the project’s bridge contracts.
Dogechain transactions suspended
Dogechain is at risk of being hacked this weekend.
The project’s developers found a bug on September 10 and paused block creation for several hours. On 9/11, the development team said the network was back up and running in tandem with ongoing maintenance.
This bug could allow attackers to use wrapped DOGE (wDOGE) freely on the bridge network.
The project said the fact that its network is currently running on a Proof-of-authority (PoA) consensus mechanism allows the team to reverse “wDOGE’s unwarranted mining.” The development team added that it will remain under PoA until fully prepared for the transition to Proof-Of-Stake (PoS) consensus.
Dogechain noted that the issue relates to “internal bugs” rather than “exploits or hacks.” The team assured the public that no Dogecoin (DOGE) was lost or stolen. They added that no “internal funds” were lost — presumably referring to Dogechain (DC) and wrapped Doge tokens (wDOGE).
However, some sources claim that Dogechain has actually lost its capital. Independent cryptocurrency researcher Crumbs suggested that the attacker exploited the vulnerability to mine 9.7 million wDOGE ($600,000). The attacker is believed to have converted up to $316,000 into other assets; a portion of that money may have been deposited into Binance.
Dogechain builder Roc Zacharias responded to Crumbs and denied the theft, saying the project “had [an] internal bug [and] no hacks.” He added: “No money is lost. There is no lost bridge as you suggested here.
Despite those denials, it seems that an Ethereum address beginning with 0x78F05… has been blacklisted by Dogechain. In addition, Dogechain’s official account of events implies that funds were minted without security even if those coins were reversed.
Those facts do not confirm that the attacker successfully committed the theft. However, it seems that an individual lost money while making a transaction.
It should be emphasized that the vulnerability affects Dogechain, not Dogecoin. The two projects have no formal relationship. Dogechain aims to build a layer 2 network that allows dogecoin token bridge to be used on new applications such as decentralized exchanges and NFT marketplaces.
Furthermore, the vulnerability described above is completely unrelated to the recent data breach that affected the Shiba Inu token, another doge-themed blockchain project.
