Incident on Rainbow Bridge and how it affected NEAR
Overview of Analysis:
The NEAR Foundation is running an "Insight of the Week" series. In this analysis, we investigate the activity of the Rainbow Bridge during the past 14 days. The main reason for selecting this topic is described in detail. For this purpose, several metrics have been analyzed to assess the performance of the Rainbow Bridge and how the incident affected the NEAR blockchain.
This analysis is divided into the following parts:
- Identify the incident behind the Rainbow Bridge pause
- The activity of the Rainbow Bridge from various aspects
- Did the incident affect the NEAR blockchain?
- Summary and references
Methodology:
To carry out this investigation, data provided by the Flipside community has been used.
The data relating to the Rainbow Bridge comes from the NEAR and Ethereum tables on Flipside. These tables have been used to cover the following:
- The reason for selecting the Rainbow Bridge to investigate
- The activity of the Rainbow Bridge over the past 14 days
- The network performance, investigated through various metrics
- Metrics used: count of transactions, active wallets, new users, transactions per minute (TPM), and paid fees.
NEAR blockchain and how does it work:
NEAR is a public, sharded, extensible blockchain network based on the proof-of-stake (PoS) paradigm. Developers can use this platform to launch their own decentralized applications (similar to the Ethereum network). The functional token of this network is called $NEAR. The main goal of the NEAR network is to create an infrastructure for a new Internet. In the new Internet, it will be harder for big companies to access people's personal information. Countries cannot ban programs and destroy their business in this system. A world of freedom where everyone can act freely.
This platform uses sharding technology to solve the problem of scalability. In this model, a transaction does not need to be checked by all network nodes. With sharding, a network is turned into several parallel networks that check transactions simultaneously, so that each transaction is checked in a shard. As a result, only nodes present in a shard will check and confirm this transaction, and other nodes present in other shards of the network will not check this transaction. This idea makes the capacity of the network increase significantly.
The NEAR protocol provides the Nightshade solution, which is the main technology of the NEAR blockchain. In Nightshade, sharding is applied to all blocks individually instead of the main chain. Because all the blocks are divided between the nodes of the NEAR network, the scalability of this network increases significantly. The mechanism of Nightshade is that instead of sending transactions individually to each of the network nodes, they are divided among all nodes and run in parallel.
Currently, NEAR has improved its sharding capability in partnership with Octopus Network. Octopus allows developers to build their own blockchains. The chains created by Octopus are known as App Chains and are connected to the NEAR network through the Octopus Bridge, which is deployed as a smart contract.
RAINBOW BRIDGE PAUSE:
Rainbow Bridge, developed by Aurora, allows users to move their tokens between the NEAR, Ethereum, and Aurora networks (NEAR's Ethereum-compatible scaling solution).
Usually, it is the Rainbow Bridge relays that send information about NEAR blocks to Ethereum. However, sometimes others (usually bad actors with hacking goals) do, and incorrect information sent to the NEAR Light Client may result in the loss of all bridge assets. This is why this step is protected by requiring the consensus of NEAR validators, and if someone tries to send false information, it will be challenged by a set of independent watchdogs who also monitor the NEAR blockchain.
- According to the report in Newsletter 97, “On the 10th of February this year, a vulnerability was discovered in the NEAR Core—the decision to stop the rainbow bridge was taken immediately. This vulnerability was patched in a professional manner with quick reactions and transparent communication. No funds were lost”
- A comprehensive review of this incident was written by Alex Shevchenko, CEO of Aurora Labs (@auroraisnear).
- Based on this review, pausing the Rainbow Bridge and resolving the issue took the following steps:
- On the 10th of February, a vulnerability was discovered in the NEAR Core.
- The vulnerability concerns the validation of the block outcome root.
- This vulnerability presents particular risks for the Rainbow Bridge due to its trustless architecture.
- After a short review of the submission (even before the full validation of the vulnerability), the NEAR Protocol team notified Aurora Labs about the issue.
- The decision to stop the bridge and contracts that are holding users' tokens was taken immediately.
- The transactions that caused this problem were identified.
- Shortly after, the NEAR Protocol team confirmed the validity of the issue and the development of the patch to the NEAR Core started.
- On the 11th of February, the patch was developed and reviewed and the NEAR Core team started to contact validators to apply the patch.
- Throughout the weekend, validators worked on updating their instances and by the end of 12th February (Europe time) the required 67% stake was reached.
- The unpausing of the Rainbow Bridge was immediately communicated on all Aurora's official channels.
- Overall, this vulnerability was treated in a very professional manner with quick reactions, transparent communication, and advanced research.
- To identify the impacts of this incident, the activity of the Rainbow Bridge and the NEAR blockchain has been investigated around that date.
The incident and its complete resolution lasted from February 10th to February 12th. It should be noted that as soon as the incident occurred, the support team fixed the problems in the shortest possible time and restored the performance of the system, thanks to the Bridge and Infrastructure teams at Aurora Labs.
Findings:
In this part, let's focus on the impacts of this incident on the performance of the NEAR blockchain:
- As we know, the Rainbow Bridge is one of the most important and useful tools in the NEAR protocol. According to the related charts, the count of transactions and the paid fees decreased during the incident period.
- Also, the maximum transactions per minute (TPM), which is used to indicate the speed of the NEAR blockchain, reached its highest level of the last 2 weeks on February 10th, with 4319 transactions per minute.
Findings:
Now let's dive deeper into the day of the incident (February 10th). The transactions that caused the pause on the Rainbow Bridge occurred at Feb-10-2023 11 PM UTC, so let's look more closely at the activity of the Rainbow Bridge around this hour.
- As can be seen from the outcomes, the count and volume of bridge transfers in this hour (Feb-10-2023 23:00) experienced a huge drop, but after the problem was resolved by the Bridge and Infrastructure teams at Aurora Labs in cooperation with the NEAR security team, the activity of the Rainbow Bridge returned to its stable level.
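An added example, not part of the original analysis: one way to flag a drop like the one at Feb-10-2023 23:00 automatically from hourly bridge transfer counts. The counts and the recovery hour are constructed, and `find_pauses`, `constructed_counts` and the thresholds are hypothetical; hours with no transfers are filled with zero because an hourly aggregation returns no row for them.

```python
from datetime import datetime, timedelta, timezone
from statistics import median

HOUR = timedelta(hours=1)
SAMPLE_START = datetime(2023, 2, 10, 12, tzinfo=timezone.utc)
SAMPLE_END = SAMPLE_START + 72 * HOUR
PAUSE_FROM = datetime(2023, 2, 10, 23, tzinfo=timezone.utc)  # hour named in the findings
PAUSE_TO = datetime(2023, 2, 12, 21, tzinfo=timezone.utc)    # invented recovery hour


def constructed_counts():
    """Constructed hourly transfer counts (not Flipside data), sparse like a
    GROUP BY result: hours with zero transfers have no entry at all."""
    counts, hour, i = {}, SAMPLE_START, 0
    while hour < SAMPLE_END:
        n = i % 3 if PAUSE_FROM <= hour < PAUSE_TO else 30 + (i * 7) % 11
        if n:
            counts[hour] = n
        hour, i = hour + HOUR, i + 1
    return counts


def find_pauses(counts, start, end, baseline_hours=6, drop_ratio=0.25):
    """Return [(first_quiet_hour, first_recovered_hour_or_None), ...].

    An hour is quiet when its count is below drop_ratio times the median of
    the last baseline_hours normal hours. Quiet hours never enter the
    baseline, so a long pause cannot lower the bar and hide itself.
    """
    normal, windows, opened = [], [], None
    hour = start
    while hour < end:
        count = counts.get(hour, 0)        # missing row means zero activity
        if len(normal) < baseline_hours:   # warm-up: series assumed to start healthy
            normal.append(count)
        elif count < drop_ratio * median(normal[-baseline_hours:]):
            opened = opened or hour
        else:
            if opened:
                windows.append((opened, hour))
                opened = None
            normal.append(count)
        hour += HOUR
    if opened:
        windows.append((opened, None))     # still quiet when the data ends
    return windows


if __name__ == "__main__":
    for first_quiet, recovered in find_pauses(constructed_counts(), SAMPLE_START, SAMPLE_END):
        print("quiet from", first_quiet.isoformat(), "until", recovered and recovered.isoformat())
```
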
Findings:
- The count of bridge transfers experienced a sudden decrease on February 10th, as seen from the results. The effects of this incident were visible from February 10 to 12. After February 12th, the bridge count increased again.
- The volume of bridge transfers (in USD) reached its lowest value of the last two weeks on February 11th. However, after February 13 it followed an increasing pattern and returned to its previous (pre-incident) level.
- The count of unique senders was also severely affected by this incident, with the lowest number of senders occurring during the incident period.
Findings:
- This incident affected the count of active wallets on NEAR too, and it is easy to see that the number of active wallets increased after the incident and after February 13th.
- The count of newcomers on the NEAR protocol decreased during the incident period, but after the incident was completely resolved, from February 13, it increased.
Conclusion:
From the outcomes of this analysis, the following can be concluded:
- This incident on Rainbow bridge highlighted the importance of security and transparency in blockchain technology. The incident was caused by an incorrect configuration of the bridge and resulted in the transfer of funds from the Ethereum blockchain to the NEAR blockchain. Thankfully, the incident was quickly identified, and no funds were lost. This incident serves as an important reminder of the need for secure and transparent blockchain technology. By ensuring that all transactions are properly monitored and recorded, incidents like this can be avoided in the future.
- The decentralized nature of blockchain technology requires robust security measures to protect users’ data and funds from malicious actors. In order to ensure the highest level of security, NEAR has implemented a variety of features such as secure node setup, secure messaging protocols, and advanced cryptographic algorithms. These measures are designed to protect users from identity theft, financial loss due to hacks or scams, and other types of cybercrime. Additionally, NEAR’s smart contract technology makes it possible for developers to create secure applications that are resilient against malicious attacks. By implementing these security measures, NEAR ensures that its users can make transactions with confidence.