A security flaw in the Wormhole bridge on the Aptos network, if left undiscovered, could have resulted in $5 million worth of losses, according to blockchain security platform CertiK.
The flaw, discovered and reported by CertiK, arose from an incorrect implementation of modifiers in the Move programming language.
CertiK found that the publish_event function in the Wormhole bridge could be called by anyone. This could have led to fake transactions and big losses.
After CertiK informed the Wormhole team, a patch was developed and implemented promptly, closing the security loophole and preventing potential exploitation.
In addition to fixing the flaw, Wormhole reduced the governor rate limits on Aptos from $5 million to $1 million to limit potential losses in case of future exploits. This adjustment reduces risk for users.
With the flaw patched, Wormhole performed a retrospective analysis, confirming no illicit fund transfers and assuring users’ balances remained safe.