Arbitrum Saved From Major ETH Loss by White Hat Hacker

An anonymous developer effectively saved Arbitrum from a $250 million loss

by Ornella Hernandez /
article-image

Blockworks Exclusive art by axel rangel

share

key takeaways

  • Arbitrum paid 400 ETH via ImmuneFi to white hat hacker
  • Arbitrum bridge bug was caused by bad initializers in the contract code

Another cryptocurrency vulnerability has been uncovered by a so-called white hat hacker, who found an exploitable bug in the bridge between Ethereum and Arbitrum Nitro.

The hacker, known as riptide on Twitter, outlined their discovery, which comes on the heels of an escalating series of hacks in the bridges that connect different blockchains, which collectively have been drained of hundreds of millions of dollars of predominantly user funds this year. 

Newsletter

Subscribe to Blockworks Daily

Arbitrum, the layer-2 Ethereum scaling solution, paid riptide a bounty of 400 ether (ETH) as a reward via the bug bounty platform ImmuneFi.

The multi-million dollar vulnerability, as riptide called it, would have allowed an attacker to steal all incoming ether deposits from users attempting to bridge their assets between Ethereum layer-1 and layer-2 protocols to Arbitrum.

The initialization-related vulnerability, according to the white hat hacker, would have enabled any nefarious actor to impersonate a user and send the authentication message to the “sequencerInbox” function to execute the vulnerability. 

The largest deposit recorded on the inbox contract was 168,000 ETH, around $250 million, with average deposits ranging from 1,000 to 5,000 ETH in a 24-hour period, riptide said. 

Loading Tweet..

Another Twitter user, smartcontracts.eth, commented that “rollups are still heavily in development,” cautioning his followers to be careful on layer-2 protocols. A layer-2 refers to a mechanism built on top of a blockchain’s core layer, typically to increase scalability or speed, plus introduce additional features. 

A similar bug was seen in the token bridge Nomad’s smart contract, which cost the protocol  $190 million in cryptocurrency in the third-biggest cryptocurrency hack of the year.

Arbitrum recently launched Nitro exactly one year after the rollup’s now-defunct first iteration and ahead of the Merge.

Arbitrum NFTs

Additionally, Arbitrum plans to integrate with NFT marketplace OpenSea on Wednesday. 

A slew of NFT collections built on Arbitrum will be available to buy and sell directly on OpenSea.

OpenSea tweeted that creators would need to find their collections and set their creator fees directly. 

The marketplace recently added the royalties percentages front-and-center on a collection’s page.

Loading Tweet..

Get the news in your inbox. Explore Blockworks newsletters:

  • Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
  • Empire: Start your morning with the top news and analysis to inform your day in crypto.
  • Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
  • 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
  • Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
  • The Drop: For crypto collectors and traders, covering apps, games, memes and more.
  • Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
Tags

Upcoming Events

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy ticketslearn more

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

tg trading bot report graphic.png

Research

Telegram Trading Bots: Robinhood Without Borders

Telegram trading bots have found their primary niche in highly speculative token launches and retail-dominated memecoin markets, with many features specifically tailored to token sniping and copy-trading strategies.

by Danny K

/

news

article-image

BusinessEmpire Newsletter

Stablecoins ‘deserve all the attention’: Paradigm

Paradigm’s Charlie Noyes thinks that the attention on stablecoins is well-deserved after Mesh’s $82 million round

by Katherine Ross /
article-image

Empire NewsletterMarkets

Crypto’s seeing the ‘right tailwinds’: 21Shares

Crypto may benefit from developments during the second quarter after a rough start to the year

by Katherine Ross /
article-image

DeFiLightspeed Newsletter

Multicoin estimates a 3x for Jito’s token

With a friendlier regulatory outlook and the airdrop flow being stemmed, some are looking to how new native tokens can become valuable assets

by Jack Kubinec /
article-image

Forward Guidance NewsletterMarkets

Inflation, consumer spending misses push US stocks lower 

The recent action paints an uncertain picture for future monetary policy moves

by Casey Wagner /
article-image

BusinessForward Guidance Newsletter

Talk around stablecoins, tokenization picking up

Is the finance world becoming “more liquid”? Experts give their takes as TradFi players consider new moves

by Ben Strack /
article-image

The DropWeb3

Arbitrum Gaming Catalyst hires DAO relations rep after token clawback proposal

Is a gaming push worth 200M ARB?

by Kate Irwin /