Axie Infinity Developers ‘Made Some Trade-offs’ That Enabled $625M Ronin Breach

The game’s creator, Sky Mavis, has raised $150 million to reimburse users affected by the theft

article-image

Blockworks Exclusive art by axel rangel

share

key takeaways

  • Hackers breached the Ronin Network for over $625 million on March 29
  • On Wednesday, Binance said that it has fully resumed withdrawals and deposits on the Ronin Network

A week after one of the largest cryptocurrency hacks to date — a $625 million breach on the Ronin Network bridge — Sky Mavis, the company that built it, acknowledged that its haste to grow the platform’s user base may have caused it to cut corners on security.

The Ronin Network is an Ethereum-linked sidechain used for blockchain game Axie Infinity. The bridge connecting it to the Ethereum mainnet was exploited, and an attacker drained 25.5 million USDC and 173,600 ETH on March 29, totaling about $625 million.

“While racing for mainstream adoption, we made some trade-offs that ended up leaving us vulnerable to this sort of attack,” Axie Infinity said in a blogpost. “It’s a lesson that we’ve learned the hard way.”

Sky Mavis announced a $150 million raise, led by Binance, to reimburse affected users. Other contributors to the round include Paradigm, Animoca Brands, Dialectic, Accel and Andreesen Horowitz.

“Sky Mavis is committed to reimbursing all of our users’ lost funds and implementing rigorous internal security measures to prevent future attacks,” Trung Nguyen, chief executive of Sky Mavis, said in the Wednesday statement.

On Wednesday, Binance said that it has fully resumed withdrawals and deposits on the Ronin Network after suspending them last week.

“In order for the global ecosystem to continue thriving and maturing, it is imperative that we work together, especially when it comes to security, which is our strong suit,” Changpeng “CZ” Zhao, chief executive of Binance, said in a statement.

Of the stolen ether, more than 170,000 ETH remains in the attacker’s wallet, and thousands of ETH have been transferred to Tornado Cash, a privacy tool for Ethereum.

“Sky Mavis’ Ronin chain currently consists of 9 validator nodes. In order to recognize a Deposit event or a Withdrawal event, five out of the nine validator signatures are needed,” per the breach’s announcement. “The attacker managed to get control over Sky Mavis’s four Ronin Validators and a third-party validator run by Axie DAO.”

The Ronin Network bridge will reopen, Sky Mavis said, once it has undergone significant audits and security upgrades, which can take several weeks.

Among the security improvements, Sky Mavis will increase the validator group to 21 validators within the next three months, which will be split among various stakeholders including partners, community members and long-term allies.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research

article-image

Crypto is still on a mission — and still needs users

article-image

After its first phone drew jeers from a popular tech YouTuber, Solana Mobile delivered on its newest device

article-image

Markets strongly suspect that committee members will make the first interest rate cut of 2025

article-image

After four days of deliberation, the jury found Roman Storm guilty on Wednesday of one federal count

article-image

Pendle’s new platform transforms perp funding into tradable yield units — paving the way for a full-stack onchain fixed-income ecosystem

article-image

9.6% of crypto industry employees were paid in crypto, and most opted for USDC and USDT