Solana has dipped 13.5% following last night’s attack on the Wormhole bridge.
- Solana is down 13.5% today.
- SOL tanked on the news that $322 million had been stolen from the Wormhole bridge.
- The Wormhole team says that it will be replacing the stolen ETH.
Update: After exploiting a Wormhole vulnerability, hackers stole around $322 million from Solana (SOL), but the interoperability protocol has recently updated its users that the funds have been restored.
Wormhole Hack Leads to Solana Dip
SOL has dipped by more than 13.5% in the last 24 hours, triggered by the news of a $322 million hack on the Wormhole bridge.
A vulnerability in the Ethereum-compatible cross-chain bridge allowed a hacker to drain 120,000 ETH locked on the Ethereum-facing smart contract at around 18:24 UTC last night. SOL was trading at $111 when the news of the hack surfaced and has plunged to $96 today.
The Wormhole bridge lets users transfer ETH from Ethereum to Solana. To use ETH on Solana, users can lock it in a smart contract and receive a pegged asset called Wormhole ETH (wETH). This asset can be used across Solana’s DeFi ecosystem.
The hacker executed an unauthorized mint of 120,000 wETH worth about $322 million. They executed the attack by exploiting a bug related to Solana VAA, a bridge function to verify asset transfers.
The hacker then transferred 93,750 wETH back to Ethereum, claimed it and moved into their wallet. They then swapped the remaining 26,250 for 432,662 SOL and have left the funds sitting in their wallet on Solana.
The Potential Impact on The Solana Ecosystem
While the Wormhole hack was not a direct hack on the Solana network, the incident could have a negative impact on the ecosystem. This is primarily because the ETH that helps collateralize the peg of wETH is missing following the hack. As a result, 120 million wETH is circulating on Solana and currently in use across DeFi applications without any real backing. Permanent absence of the ETH backing wETH could affect collateralized token loans on Solana-based lending protocols such as Solend.
If the 1:1 backing of wETH is not quickly replenished, it could trigger a situation where DeFi positions may become undercollateralized and potentially fuel a bank run. Such a situation would add to Solana’s well-documented difficulties after it has suffered from multiple clogs due to bot attacks on the network over the last few months.
In a Wednesday tweet announcing the hack, Wormhole said it would replace the missing ETH on the bridge to “ensure wETH is backed 1:1”. However, it did not specify where it would get the $322 million supply from. The Wormhole team has since patched the vulnerability.