Ethereum PoW Fork Suffers its First Smart Contract Hack

The Ethereum PoW fork is off to a rocky start — one of the network’s smart contracts has endured a hack, triggering collapsing prices

by Sebastian Sinclair&David Canellis /
article-image

Source: Shutterstock

share

key takeaways

  • An attacker has raided ETHW from a smart contract on the Ethereum proof-of-work fork
  • Cybersecurity researchers warn similar attacks could occur on other ETHW smart contracts

ETHPoW (ETHW), the fledgling proof-of-work (PoW) Ethereum fork, has seen its first significant smart contract hack since the network split late last week.

Blockchain security infrastructure firm BlockSec first alerted users of a so-called ‘replay attack’ on Sunday, which leveraged legitimate transactions on the proof-of-stake (PoS) Ethereum blockchain alongside DeFi application Gnosis and multi-token extension OmniBridge.

Replay attacks and exploits can occur when cryptocurrencies — in this case wrapped ether (WETH) and ETHW — are treated as the same asset, even though they technically exist on completely separate blockchains.

Newsletter

Subscribe to Blockworks Daily

Ethereum transitioned its PoW-powered consensus model to PoS with a hard fork last Thursday. This formally ditched crypto miners in favor of collateralized validators, who, rather than run power-hungry GPU miners, stake crypto in the network for the right to process transactions.

In a bid to continue mining, some Ethereum participants opted to support a PoW fork in ETHW, a network which when deployed mirrored every single Ethereum-bound asset, including ether, NFTs and smart contracts underpinning protocols such as Gnosis and OmniBridge.

BlockSec told Blockworks the attack was not a replay exploit “on the chain level” but rather one resulting from a contract vulnerability. This means neither Gnosis nor the Ethereum and ETHW networks were hacked. Instead, the OmniBridge smart contract on the proof-of-work fork mistakenly paid out funds.

First, the exploiter transferred 200 wrapped ether (WETH), currently worth $260,000, through the Ethereum blockchain’s OmniBridge protocol to the Gnosis network. 

The hack consisted of replaying the same transaction message on the Ethereum PoW fork to receive 200 ETHW from that network’s copy of the OmniBridge smart contract.

ETHW markets tanked about 40% after word of the exploit first broke — from $8 to $5. It’s unclear whether the attacker cashed out the 200 ETHW stolen in the attack but it’s now worth about $1,000.

The attack was possible due to the OmniBridge on the PoW chain still accepting transactions that reference the proof-of-stake Ethereum blockchain’s “chainID,” a variable that serves as a unique identifier for different blockchain networks. The PoW fork uses a different chainID to help separate actions between the two networks.

“As a result, the balance of the chain contract deployed on the PoW chain would be drained,” BlockSec wrote. Security researchers warned such attacks could occur on ETHW in the leadup to the fork.

Gnosis co-founder Martin Koppelmann later tweeted to say that both Gnosis and Ethereum were in “no way affected.” 

“We do not support the (ETHW) chain and do not see us responsible for what is happening on that chain,” Koppelmann said. He said the attacker had spun up false bridge activity to drain funds on ETHW.

A suggestion to deactivate the bridge’s links to ETHW, effectively closing this particular security loophole, will be put forth to the governance team overseeing OmniBridge, he said. BlockSec warned in a blog that similar incidents could occur elsewhere across the ETHW network.

ETHW Core, the stewards of ETHW,  confirmed Sunday the attack involved a bridge contract vulnerability and had notified OmniBridge “in every way” to inform them of the risks but had yet to receive a response.

Get the news in your inbox. Explore Blockworks newsletters:

  • Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
  • Empire: Start your morning with the top news and analysis to inform your day in crypto.
  • Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
  • 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
  • Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
  • The Drop: For crypto collectors and traders, covering apps, games, memes and more.
  • Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
Tags

    Upcoming Events

    Permissionless IV

    Industry City | Brooklyn, NY

    TUES - THURS, JUNE 24 - 26, 2025

    Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

    buy ticketslearn more

    Digital Asset Summit 2025

    Old Billingsgate

    Mon - Wed, October 13 - 15, 2025

    Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

    buy ticketslearn more

    recent research

    Research Report Templates.jpg

    Research

    Evaluating Bluefin’s Precarious Market Position

    Bluefin possibly stands at an inflection point. The token is near an all-time low yet the protocol’s spot volume market share and derivatives exchange usage have been increasing month over month since its November launch. Given its current market position and the upcoming upgrades (for both Bluefin and SUI), there may be upside potential before the increased supply growth in December. However, strong opposition from existing competitors (like Cetus and Suilend), as well as new entrants (like Aftermath), pose key challenges to Bluefin’s medium-term success.

    by Marc-Thomas Arjoon, CFA

    /

    news

    article-image

    Policy

    Trump’s SEC pick grilled on past agency actions, conflicts of interest 

    Top Committee Democrat Sen. Elizabeth Warren in her opening statement accused Atkins of “helping billionaire CEOs like Sam Bankman-Fried”

    by Casey Wagner /
    article-image

    0xResearch NewsletterDeFi

    COTI launches V2 mainnet: A new era of privacy-focused L2 solutions

    Introducing garbled circuits for enhanced privacy and regulatory compliance

    by Donovan Choy /
    article-image

    AnalysisSupply Shock

    How Silk Road carved the fault line that separates ‘bitcoin’ and ‘crypto’

    Ross Ulbricht was a freedom maximalist building freedom tech, powered by Bitcoin

    by David Canellis&Pete Rizzo /
    article-image

    DeFiLightspeed Newsletter

    Solana startups spin up validators for revenue and ‘soft power’

    Solana validators can reap benefits including payments, votes and community clout

    by Jack Kubinec /
    article-image

    Sponsored

    WCT’s Role in the Onchain Economy

    WalletConnect is cementing itself as the essential connectivity layer, ensuring wallets remain the entry point for billions of users

    article-image

    Business

    Galaxy to pay $200M to New York over alleged LUNA manipulation

    According to a legal filing, Galaxy Digital helped boost the price of LUNA while quietly selling its tokens

    by Katherine Ross /