After Axie Infinity Hack, Will other Play-2-Earn Games Be Hacked Soon?

Tuesday, 05/04/2022 | 16:32 GMT by FM
  • Relying on bridges to connect between different blockchains can be a risk factor.
Hacking

The recent incident affecting the Ronin Network - which powers the Axie Infinity game - has many people on edge. It is a problematic development that affects the broader play-to-earn gaming industry. However, the game itself was never hacked, nor have any other games been put at risk.

The Axie Infinity Hack Is a Ronin Issue

It is essential to get the details regarding the recent Axie Infinity hack correct. Many people think the popular play-to-earn game itself was affected by the security incident. Even though the network Axie is built on suffered from a security incident, that is not true. Hackers targeted the Ronin bridge, a piece of infrastructure built by Ronin’s developers, connecting the Ethereum and Ronin networks.

The incident affecting that bridge saw over $600 million being stolen. But, more worryingly, it went by unnoticed for six days, which remains puzzling today. The hacker - or hackers - managed to compromise five out of nine validator nodes powering the Ronin Network. There was a consensus on the malicious transactions, ensuring the network would process them. A total of 173,600 ETH and 25.5 million USDC were transferred out.

When underlying infrastructure suffers an attack, it reflects negatively on all projects leveraging the technology stack. For example, Axie Infinity is one of today's most popular play-to-earn games, yet few people know about the Ronin Bridge. It is easy to assume the attack affected the game, even if that isn't the case. Moreover, the attack did not involve smart contract exploits, like other similar incidents over the past few months.

It is crucial to understand the Axie Infinity game and its assets have not been hacked or compromised. However, the Ronin Network and the in-house built Ronin Bridge were vulnerable due to a deliberate decision by its developers to rely on a limited number of validator nodes and let one entity control several of them. The network will receive an upgrade, and the team will adjust the validator thresholds.

Are Other P2E Games at Risk?

Relying on bridges to connect between different blockchains can be a risk factor. Decentralizing these cross-chain solutions is essential, as "entrusting" a few select people with the power to control the network will not work. The Ronin Network hack has made that all too clear once again. However, the incident serves as a valuable lesson for projects operational today or still in development.

Incidents like these do not mean cross-chain building cannot work. Splinterlands, one of the leading blockchain play-to-earn games, resides on the Hive and WAX blockchains. Moreover, it uses Polygon and BNB Chain for in-game assets. The team issued smart contracts for these respective chains and leverages TeraBlock for token bridging through a burn-and-mint strategy.

Moreover, there are still many play-to-earn games not seeking cross-chain opportunities today. For example, Plutonians is an up-and-coming game on Solana that creates various mechanisms for letting players access virtually unlimited content. Moreover, it is a very accessible game by anyone, removing the need for being on the right "chain" or swapping assets to and from other networks.

Play-to-earn games currently in development can learn valuable lessons from the Ronin incident. For example, Affyn, a project recently raising $20 million to build its Metaverse game, can ensure they build their infrastructure properly to prevent incidents from happening. The gift of hindsight is a powerful incentive to do better and build more secure blockchain games.

The recent incident affecting the Ronin Network - which powers the Axie Infinity game - has many people on edge. It is a problematic development that affects the broader play-to-earn gaming industry. However, the game itself was never hacked, nor have any other games been put at risk.

The Axie Infinity Hack Is a Ronin Issue

It is essential to get the details regarding the recent Axie Infinity hack correct. Many people think the popular play-to-earn game itself was affected by the security incident. Even though the network Axie is built on suffered from a security incident, that is not true. Hackers targeted the Ronin bridge, a piece of infrastructure built by Ronin’s developers, connecting the Ethereum and Ronin networks.

The incident affecting that bridge saw over $600 million being stolen. But, more worryingly, it went by unnoticed for six days, which remains puzzling today. The hacker - or hackers - managed to compromise five out of nine validator nodes powering the Ronin Network. There was a consensus on the malicious transactions, ensuring the network would process them. A total of 173,600 ETH and 25.5 million USDC were transferred out.

When underlying infrastructure suffers an attack, it reflects negatively on all projects leveraging the technology stack. For example, Axie Infinity is one of today's most popular play-to-earn games, yet few people know about the Ronin Bridge. It is easy to assume the attack affected the game, even if that isn't the case. Moreover, the attack did not involve smart contract exploits, like other similar incidents over the past few months.

It is crucial to understand the Axie Infinity game and its assets have not been hacked or compromised. However, the Ronin Network and the in-house built Ronin Bridge were vulnerable due to a deliberate decision by its developers to rely on a limited number of validator nodes and let one entity control several of them. The network will receive an upgrade, and the team will adjust the validator thresholds.

Are Other P2E Games at Risk?

Relying on bridges to connect between different blockchains can be a risk factor. Decentralizing these cross-chain solutions is essential, as "entrusting" a few select people with the power to control the network will not work. The Ronin Network hack has made that all too clear once again. However, the incident serves as a valuable lesson for projects operational today or still in development.

Incidents like these do not mean cross-chain building cannot work. Splinterlands, one of the leading blockchain play-to-earn games, resides on the Hive and WAX blockchains. Moreover, it uses Polygon and BNB Chain for in-game assets. The team issued smart contracts for these respective chains and leverages TeraBlock for token bridging through a burn-and-mint strategy.

Moreover, there are still many play-to-earn games not seeking cross-chain opportunities today. For example, Plutonians is an up-and-coming game on Solana that creates various mechanisms for letting players access virtually unlimited content. Moreover, it is a very accessible game by anyone, removing the need for being on the right "chain" or swapping assets to and from other networks.

Play-to-earn games currently in development can learn valuable lessons from the Ronin incident. For example, Affyn, a project recently raising $20 million to build its Metaverse game, can ensure they build their infrastructure properly to prevent incidents from happening. The gift of hindsight is a powerful incentive to do better and build more secure blockchain games.

Thought Leadership