In this Crypto Corner episode, Lars Doucet, Anil Das-Gupta and Chong Ahn join your host Nico Vereecke to talk about the Recent Ronin exploit and what it means for the future of Axie Infinity. The team covers what exactly goes into blockchain bridges, how the hack occurred, and what happens next. The group also dives into the new Axie game and what Sky Mavis can do in the wake of one of crypto’s largest-ever hacks.

Quick Rant on Terminology of “GameFi”

  • If “DeFi” means Decentralized Finance → “GameFi” technically means Game Finance
  • There are games that could be characterized as “GameFi” like DeFi Kingdoms, but this doesn’t seem indicative of the entire space of gaming
  • Counter: when speaking with DeFi or general Web3 users, “GameFi” is a much easier term to understand vs. “blockchain gaming”

Ronin Network + Exploit

  • Ronin mainnet was launched one year ago - an Ethereum sidechain to reduce user friction
    • No gas fees = free transactions
  • All sidechains have bridges : smart contracts that allow for assets to be transferred between blockchains
    • Assets are sent to an escrow and an equivalent amount of the asset are then released to the user on the receiving chain
  • Sky Mavis only has 9 validators (nodes that reach consensus + confirm new transactions)
    • Increased scalability, but decreased decentralization
  • Because 5 of those validators were compromised, hackers were able to take ETH out of original contract

 Ronin Exploit

❌ 173,600 Ethereum and 25.5M USDC were taken from the bridge : > 600M in assets

  • Assets backing the bridge were taken
  • More of a security + social issue → nothing went wrong on the blockchain
  • Blockchain Trilemma : Concept that when building a blockchain, can only prioritize 2 out of 3 characteristics → Scalabity, Security, and Decentralization

“When asked what they learned from something that went wrong, junior devs will tell you about a plan to avoid making that mistake again....senior devs will recognize the inevitability of human failure and explain how they built that assumption into future planning”

  • Most blockchain hacks are social engineering hacks, and your money is lost regardless
  • Issue of decentralization where there is no centralized trusted service to ensure users are protected.....trustless services like Ronin network can become more complicated to fix

What Happens Next ?

Hacker is still at large - has not focused on off-ramping majority of funds → can’t tell if they’re white-hat or just inexperienced

  • Interesting that they’re sophisticated enough to figure out such a huge exploit, yet most funds have not moved

3 Options:

  1. Post a bounty - Publicly state that the hackers exploit was fair and would hurt the community long-term, offer reward to hacker if rest of funds are restored
  2. Hypothetically the Axie Infinity treasury could restore the funds (has ~1.2B of AXS + ~200M of WETH at current value), but could deplete long-term potential of treasury + cause supply shock
  3. Go to investors and ask for additional funding to fix the situation since they can’t/don’t want to use treasury funds
    • Seems likely, won’t look good for the industry as a whole and since the team has more than proved their worth in building/shipping a game

No investor will ever sacrifice that they’re on notice, seems like there will be a larger push towards centralization

  • Likely that Ronin will add more nodes, and add multisig to the owners of the validator nodes, lots of other L2’s that use this mechanism

Switching to New Gameplay (Origin)

  • Brand new game - emphasis on making it free-to-play that’s a lot more accessible
  • Throughout all types of games, product will have certain lifecycle, and over time when lifecycle diminishes, it will get sunsetted
    • Pushing Origin (Battles v3) in light of the exploit is a vote of confidence towards team believing in long-term vision of the Axie universe
    • Difficult to tell whether this exploit will accelerate the speed of sunsetting, or if it’s just “business as usual” and another opportunity for SM to course-correct and continue innovating
  • Most games get popular and spike, and then settle on a baseline....then monetize based on the amount of users that they have
    • Since Axie has take-rate of 4.25% of all marketplace volume, they make money from the volume of users they’re adding, not from the their recurring users

Closing Thoughts

  • Regardless of terminology around “play-and earn” or “play-to-own”, there is an inevitable change in dynamic that games have to prioritize enjoyable experiences
    • If games have to be fun-first, players are the one who end up creating and harvesting the value of time spent in games
    • The way game designers + product managers have to approach behavioral outcome has to change as well
  • Slowly moving towards having a multi-layered blockchain ecosystem
    • Base layer will be very decentralized and very safe
    • The higher the layer, the more transactions are bundled as throughput, scalability, and centralization also increases