$1mln - Generating ETH from thin air - Aurora rainbow bridge withdrawal logic bug

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on twitter: https://bbre.dev/tw

This video is an explanation of a vulnerability in Aurora's Rainbow bridge. It could allow a malicious attacker to generate Ethereum from thin air. It was rewarded $1 mln bug bounty.

The bugfix review: https://medium.com/immunefi/aurora-withdrawal-logic-error-bugfix-review-c5b4e30a9160
Thanks to Michał from Halborn for explaining the issue to us: https://halborn.com
The bug was reported via Immunefi: https://immunefi.com/

🖥 Get $100 in credits for …

aurora bounty bridge bug bug bounty eth ethereum logic malicious video vulnerability