20 October, 2022 | 11:20 AM

Cross-chain bridge is saved from possible exploit by Twitter user.

Cross-chain bridge is saved from possible exploit by Twitter user.

According to reports, a bug in the BitBTC bridge made it possible for an intruder to create counterfeit tokens on one side of the bridge and exchange them for real ones on the other.

Thanks to the efforts of a keen Twitter user, a cross-chain bridge between BitBTC and the Ethereum layer-2 network Optimism has avoided a potentially costly vulnerability.
Users can send assets between Optimism's network and BitAnt's decentralized finance (DeFi) ecosystem via the custom cross-chain bridge, which includes yield services, NFTs, swaps, and the BitBTC token, where one million BitBTC represents one Bitcoin (BTC tickers down $19,182).
Lee Bousfield, the technical lead for L2 network Abirtrum, highlighted the BitBTC bridge flaw in a tweet on October 18, stating that "BitBTC's Optimism bridge is trivially vulnerable."

Bousfield says that a bug in the BitBTC bridge let an attacker make fake tokens on one side of the bridge and trade them for real ones on the other.
“You can withdraw any token from the Optimism L2 side of the bridge, and that token can choose the L1Token address that was passed to the L1 side of the bridge.However, the L1 bridge mints the arbitrary L1 token instead of paying any attention to what the L2 token was!He also wrote that:

Bousfield stated that it would take "7 days to go through, during which the L1 bridge could be fixed via an upgrade" for the bug to be successfully exploited.
Shortly after this was noted, an attacker attempted to withdraw "200 billion fake BitBTC from Optimism" to test that theory.
According to reports, the attacker claimed that it was a merea test.
In a subsequent update approximately ten hours later, Bousfield also noted that the bug had been fixed after he got in touch with the BitBTC team.
Crypto Express  will update the story if the BitAnt team responds to our request for confirmation of these particulars.
On October 18, the developer of Optimism, Kevin Fichter, confirmed that BitBTC was the source of the issue because it used its own custom bridge rather than the standard bridge that Optimism provides to partners.
Fichter also said that assets "other than BitBTC are not at risk," that a lot of "time and energy" was put into the standard bridge, and that people should use it "unless you know what you're doing," so don't worry about it.