The recent case of Foom Cash illustrates the crucial contribution that ethical hackers, or white hat hackers, make to the security of decentralized finance (DeFi) protocols. In this case they mitigated an exploit worth a whopping $2.26 million, indicating that their role in Web3 incident response is becoming increasingly important.
Foom Cash, a decentralized lottery system that uses zero-knowledge proofs (mathematical techniques that allow information to be verified without revealing it), fell victim to this exploit. Thanks to the intervention of an ethical hacker, who remains anonymous under the pseudonym Duha, 81% of the stolen funds, or $1.84 million, were recovered. Duha identified a vulnerability and secured the funds before malicious actors could steal them. This highlights not only Duha's expertise but also the need for strong collaborations within the crypto community, such as with Decurity, which led the recovery operations on Ethereum.
Duha's bounty was $320,000, while Decurity received a $100,000 fee for their services. This bounty appears to be not only a financial incentive but also a recognition of the value researchers and hackers bring to the security of such protocols. Duha noted that by taking its bug bounty program seriously, Foom Cash demonstrates its commitment to the security of its protocol.
The $2.26 million exploit was caused by a “fatal” flaw during the deployment process, specifically the omission of a command-line interface (CLI) step during the Phase 2 trusted setup. This illustrates how small technical flaws can have catastrophic consequences. In the context of Groth16, a widely used protocol for SNARK-based zero-knowledge proofs, this means that when the circuit-specific contributions are skipped, the gamma (γ) and delta (δ) parameters are left at their default values. This allowed the attacker to present forged proofs, because a placeholder was never randomized.
It is a stark example of how vulnerabilities can exist in blockchain technologies, and how quickly such flaws can be exploited by malicious actors.
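A deployment-time check for the condition described above, as an added example that is not code from Foom Cash, Decurity or any setup tool: it flags a Groth16 verification key whose δ was never randomized. It assumes a snarkjs-style JSON key (field names `vk_gamma_2` and `vk_delta_2`) and that both defaults are the same point, so an untouched key has δ equal to γ; the function names and sample values are constructed.

```javascript
// Added example: pre-deployment gate for a Groth16 verification key.
// Assumption: the key is JSON with vk_gamma_2 / vk_delta_2 G2 points in a
// snarkjs-style layout. Sample values are constructed, not real curve points.

// Normalize a G2 point (nested arrays of numeric strings) to a comparable string.
function pointKey(p) {
  if (!Array.isArray(p) || p.length < 2) throw new TypeError("malformed G2 point");
  return p.map((c) => {
    if (!Array.isArray(c) || c.length !== 2) throw new TypeError("malformed Fp2 coordinate");
    return c.map((v) => BigInt(v).toString()).join(",");
  }).join("|");
}

// Returns a list of findings; an empty list means no sign of a skipped Phase 2.
// knownDefaults: optional points the operator treats as defaults (for example
// the curve's G2 generator, supplied by the caller).
function auditVerificationKey(vk, knownDefaults = []) {
  const findings = [];
  for (const field of ["vk_gamma_2", "vk_delta_2"]) {
    if (!(field in vk)) findings.push(`missing ${field}`);
  }
  if (findings.length) return findings;

  const gamma = pointKey(vk.vk_gamma_2);
  const delta = pointKey(vk.vk_delta_2);
  // delta still equal to gamma: no circuit-specific contribution was applied.
  if (gamma === delta) {
    findings.push("vk_delta_2 equals vk_gamma_2 (Phase 2 contribution missing)");
  }
  // Only delta is checked here: some toolchains keep gamma at the default by design.
  if (new Set(knownDefaults.map(pointKey)).has(delta)) {
    findings.push("vk_delta_2 is a known default point");
  }
  return findings;
}

// Constructed sample keys (placeholder coordinates).
const SAMPLE_UNRANDOMIZED = {
  vk_gamma_2: [["11", "12"], ["13", "14"], ["1", "0"]],
  vk_delta_2: [["11", "12"], ["13", "14"], ["1", "0"]],
};
const SAMPLE_CONTRIBUTED = {
  vk_gamma_2: [["11", "12"], ["13", "14"], ["1", "0"]],
  vk_delta_2: [["21", "22"], ["23", "24"], ["1", "0"]],
};

console.log(auditVerificationKey(SAMPLE_UNRANDOMIZED));
console.log(auditVerificationKey(SAMPLE_CONTRIBUTED));
```

Run as a CI gate on the exported verification key before the verifier contract is deployed, and fail the pipeline on any finding.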
The trend of white hat interventions is rapidly increasing, especially as cybercriminals become increasingly adept at moving stolen funds between different blockchains or leveraging privacy tools to cover their tracks. This phenomenon began when the hacker of WazirX, an Indian cryptocurrency exchange, stole over $230 million, making it the largest hack in the crypto space in 2024.
In a proactive approach, the Ethereum Foundation recently partnered with SEAL to establish the “Trillion Dollar Security” initiative. This initiative's primary goal is to combat the constant draining of crypto wallets. Such collaborations emphasize the need for a collective approach to securing the crypto infrastructure.
What are the lessons we can learn from the Foom Cash incident?
The Foom Cash incident demonstrates the importance of strong security protocols and bug bounty programs. It also serves as a reminder of the impact of human error in the development of blockchain technologies.
How can investors and analysts interpret these developments?
For investors and analysts, the rise in white hat interventions could signal a stronger ecosystem better equipped to address threats. It also reflects the appreciation for security researchers in the crypto space.
What does a partnership like the one between the Ethereum Foundation and SEAL mean for the future of crypto security?
Such collaboration offers the opportunity to develop joint strategies aimed at preventing exploits and hacks. This can lead to a more robust ecosystem, ultimately strengthening user confidence in the entire crypto market.