Ronin Network (Bridge): Uninitialized Variable in Contract Upgrade (initializeV3 Skipped)

Summary #

Ronin Network (Bridge) suffered a Bridge / Gaming Infrastructure on 2024-08-06, resulting in a loss of approximately $12M.

What happened #

Six days after a routine upgrade, an MEV bot discovered Ronin's bridge had no withdrawal limits due to a skipped initialization call, drained $12M, then returned it all for a $500K bounty.

Linked factors #

• RD-F-001 — causal : ★ Audit scope mismatch — exploited code outside scope [via dashboard_risk_factors/Was exploited code in audit scope?: No — the specific initializeV3-skip appears to have been a deployment error, not a code-level flaw; the new implementation (MainchainGateway...] || ★ Audit scope mismatch — full field name [via dashboard_risk_factors/Was exploited code in audit scope?: No — the specific initializeV3-skip appears to have been a deployment error, not a code-level flaw; the new implementation (MainchainGateway...]
• RD-F-006 — causal : Audit-deploy gap (RD-F-006 time between audit and deploy) [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: Yes — bridge upgrade deployed 6 days before exploit] || Audit-deploy gap — alternate field name [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: Yes — bridge upgrade deployed 6 days before exploit]
• RD-F-007 — related : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: Unknown]
• RD-F-101 — illustrative : Large governance proposal queued — RT signal would have fired [via realtime_signals/Governance/admin action: Y — bridge upgrade deployed 6 days before exploit; this was the trigger]
• RD-F-146 — related : New deploys in last 30 days — fresh attack surface [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: Yes — bridge upgrade deployed 6 days before exploit]