Sky Mavis’ Ronin Network Bridge Exploited for Over $625M

Services have been halted on the Ronin Bridge and Katana DEX

March 29, 2022 12:27 pm

Blockworks exclusive art by axel Rangel

Exploiters used hacked private keys to forge fake withdrawals on March 23
“We are working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed,” Ronin Network said in a statement

Ronin Network, an Ethereum-linked sidechain used for blockchain game Axie Infinity, was breached. Hackers exploited the network for roughly $625 million, or 173,600 ether and 25.5 million USDC, according to a Tuesday statement.

Exploiters, per the network’s post, used hacked private keys to forge withdrawals on March 23. The breach, however, wasn’t discovered until Tuesday, when a user was unable to withdraw 5,000 ETH.

Ethereum and USDC deposits on Ronin have been drained from its bridge contract. Users, as of now, are unable to withdraw or deposit funds. The Ronin Bridge and Katana DEX, as a result, have been halted.

Newsletter

Subscribe to The Breakdown

“Sky Mavis’ Ronin chain currently consists of 9 validator nodes. In order to recognize a Deposit event or a Withdrawal event, five out of the nine validator signatures are needed,” the blogpost said. “The attacker managed to get control over Sky Mavis’s four Ronin Validators and a third-party validator run by Axie DAO.”

Loading Tweet..

Sky Mavis, the creator of Axie Infinity, said it is “committed to ensuring that all of the drained funds are recovered or reimbursed.”

“We are working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed,” the network said in a tweet.

Most of the stolen ETH remains in the attacker’s wallet, but 6,250 ETH (about $21 million) has been transferred out, including hundreds of ETH sent to the FTX Exchange.

All $25.5 million in USDC has been transferred out to various wallets and DeFi protocols, according to Etherscan.

RON, the native token of the Ronin Network, is down 23% on the news, according to CoinMarketCap.

This is a developing story and may be updated as new information becomes available.

Get the news in your inbox. Explore Blockworks newsletters:

The Breakdown: Decoding crypto and the markets. Daily.
0xResearch: Alpha in your inbox. Think like an analyst.

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2026

Javits Center North | 445 11th Ave

Tues - Thurs, March 24 - 26, 2026

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy tickets learn more

recent research

Research

Kinetiq Protocol: From LST Infrastructure to HIP-3 Deployer

Kinetiq has established itself as Hyperliquid's dominant liquid staking protocol, holding 82.5% of LST market share with $610M in TVL. The protocol is now expanding beyond its kHYPE staking core into higher take-rate verticals: iHYPE for institutional custody rails, Launch for HIP-3 capital formation, and Markets for builder-deployed perpetuals. We view Markets, launching Jan. 12, as the highest-potential product line given its mechanically scalable, activity-linked unit economics. Near-term revenue remains anchored by kHYPE's KIP-2 fee schedule (~$1.6M annualized), while Markets provides embedded optionality if HIP-3 economics normalize post-Growth Mode. KNTQ's setup is relatively clean: zero insider unlocks until November 2026, 6.2% buyback yield from staking revenue, and cleared airdrop overhang. Risks center on unproven Markets execution, declining kHYPE TVL despite ongoing incentives, and competition from Hyperliquid's native initiatives.

by Shaunda Devens