Bit Forest: Blockchain Security Analysis Report for the first half of 2023

Bit Forest: Blockchain Security Analysis H1 2023


With the continuous advancement of digitalization, blockchain technology has become an important driving force in many fields. It has not only brought disruptive changes to traditional industries such as finance, healthcare, and logistics, but also provided participants with a more open and transparent experience. However, as blockchain technology is widely used, security issues related to it have become increasingly severe. In recent years, security incidents related to blockchain have occurred frequently, causing not only huge losses to individuals and enterprises, but also posing challenges to the development of blockchain technology.

This report summarizes and analyzes the blockchain security incidents in the first half of 2023, aiming to explore the hidden dangers of blockchain security, analyze the causes of blockchain security incidents, and propose corresponding solutions and suggestions. We hope that this report will draw attention to the issue of blockchain security and promote the secure development of blockchain technology, laying a solid foundation for the future of the digital world.

Overview of Economic Losses from Security Incidents

A total of 192 major attack incidents occurred in the first half of 2023, with a total loss of approximately $920 million.

  • There were 4 security incidents with losses exceeding $100 million:

· Euler Finance flash loan attack incident resulted in a loss of $197 million

· Blockchain for dog nose wrinkles fraudulent project caused a loss of $127 million

· BonqDAO & AllianceBlock price manipulation caused a loss of $120 million

· Atomic Wallet wallet theft resulted in a loss of $100 million

  • There were 12 incidents with losses between $10 million and $100 million
  • There were 40 incidents with losses between $1 million and $10 million

Overview of Attack Techniques

According to the analysis of attack techniques used in security incidents, the most frequently used attack techniques are Rug Pull and contract vulnerabilities, both of which occurred 32 times. The second most frequent attack technique was flash loan attacks, which occurred 20 times, accounting for 14.93% of all incident numbers.

Lightning loans caused the largest amount of losses among the top 8 attack methods, resulting in a total loss of $250 million. In second place are blockchain scams, which only occurred seven times but caused losses of $230 million.

Although contract vulnerabilities and rug pulls occurred relatively frequently, accounting for 47.76% of all attack methods, their losses were much lower than the first two, totaling only $66.49 million. The high occurrence rate and huge losses of these attack methods once again highlight the risks in the cryptocurrency market. Although blockchain technology has great potential and prospects for application, it still faces security risks and technical challenges.

Rug pulls occur frequently, with 75% of projects running away with less than $10 million and 28% of projects running away with less than $1 million. These types of projects typically lack information on their official website, Twitter, Telegram, Github, etc., have no roadmap or white paper, and have suspicious team information. The period from project launch to running away usually does not exceed three months.

The losses caused by these security incidents cannot be ignored. It is necessary to strengthen the investigation of project backgrounds, improve awareness of prevention against unfamiliar information, and enhance preventive capabilities in order to avoid losses from occurring.

Overview of Attacked Project Types in Security Incidents

1 On-chain Application

An on-chain application, also known as a decentralized application (dApp), is an application built on blockchain or distributed ledger technology. It uses the characteristics and functions of blockchain for data storage, transaction processing, and smart contract execution.

  • In the first half of 2023, on-chain applications had 157 security incidents, accounting for 81% of the total number of incidents. The total loss of on-chain applications reached $740 million, accounting for 79% of the total loss amount. On-chain applications were the most frequently attacked type and had the highest loss amount in the first half of the year.
  • The frequency of security incidents for on-chain application types was nearly the same in the first half of the year, and the top three reasons for security incidents were Rug Pull, contract vulnerabilities, and Twitter being hacked.


  • Project parties should fully consider the security of the project when designing and building it, consider whether the validation function will be bypassed or if there are defects, and conduct a security audit before the project goes online.
  • Users should investigate and make careful decisions before using investment applications on the chain, and invest cautiously.

2 Exchanges

An exchange is a platform or institution that provides digital asset trading and transaction services. It allows users to exchange one digital asset (such as Bitcoin, Ethereum, etc.) for another digital asset or to buy or sell digital assets for fiat currency (such as U.S. dollars, euros, etc.).

  • In the first half of 2023, exchanges ranked second in the number of security incidents, with a total of 11 security incidents in the exchange field, resulting in a total loss of USD 73.18 million. The main reason for the attack was a contract loophole.
  • Security incidents related to exchanges occur every month, and the amount of losses due to security incidents is not small.


  • Users should be careful when dealing with phishing and malicious links: avoid clicking on untrusted links, especially links received via email or social media.
  • Regularly check account activity; do not store all funds in one place; update and protect devices; choose a trusted security company for advance audits.

3 Public Chains/Side Chains

A public blockchain, also known as a public chain, is a consensus blockchain that anyone in the world can enter at any time to read and anyone can send transactions and receive valid confirmations. A side chain is a blockchain parallel to the main chain, which can be understood as a blockchain extension protocol to meet specific business needs, such as cross-chain asset exchange, private chain extension, and blockchain solutions for specific industries.

  • In the first half of 2023, public chains/side chains ranked third in the number of security incidents. The main reason for the attack was a smart contract loophole.


  • Choose a reliable consensus mechanism.
  • Use secure encryption algorithms to generate and store keys, and use multi-signature technology to increase the security of transactions.
  • Regular security audits should be conducted, including code review, security testing, and vulnerability scanning, to identify potential security vulnerabilities and weaknesses.

4 Cross-Chain Bridge

A Cross-Chain Bridge is a technical solution that allows for the transfer of digital assets between different blockchain networks. Cross-chain bridges typically lock or destroy tokens in a smart contract on the originating chain and unlock or mint tokens through another smart contract on the target chain. Cross-chain communication essentially requires a trade-off between security, trust, and flexibility. Due to the existence of these complex factors, cross-chain bridges have become a major target of attacks in the Web3 field.

  • In the first half of 2023, there were 8 cross-chain bridge security incidents, resulting in a loss of $11.37 million.
  • In 2022, 12 cross-chain bridge security incidents resulted in a total loss of approximately $1.89 billion, ranking first among all project types in terms of losses. Compared to last year, cross-chain bridges have experienced a more serious development trend this year, with 7 security incidents in the first half of the year, plus 10 security incidents with Poly Network and Multichain in recent days. The main reasons for the attacks are smart contract vulnerabilities, flash loans, etc.


  • Project parties should prioritize security when designing cross-chain message transmission protocols.

5 Wallet

A blockchain wallet is an important component of the blockchain and is a digital currency storage and management tool that allows users to securely store, receive, and send various cryptocurrencies, such as Bitcoin, Ethereum, and other tokens. Wallet security has always been a hot topic in the blockchain industry. Once a wallet is attacked, attackers can easily steal sensitive information such as users’ private keys and mnemonics, and then take control of users’ digital assets. The value of these digital assets can be very high, and once stolen, the losses can be very significant. Therefore, in order to maximize the security of users’ digital assets, we recommend that users take some security measures.

  • In the first half of 2023, the number of security incidents involving wallets was relatively small compared to other types, but the losses were larger. For example, the wallet incidents with Atomic and MyAlgo resulted in a total loss of up to $109 million.
  • Wallets rank third in the total number of incidents, and the reasons for security incidents in this category are mostly due to the leakage of private keys and mnemonics.


  • Choose a trusted wallet provider: Choose a wallet provider with a good reputation and reliable track record. Make sure you understand their security practices, such as how they protect sensitive information like user data and private keys.
  • Use two-factor authentication: Enabling two-factor authentication can increase the security of your account. This method requires you to enter a second form of authentication, such as a verification code or fingerprint identification, in addition to your username and password when logging in.
  • Do not share your private key: Your private key is proof of ownership of your cryptocurrency. Do not share your private key with anyone, including your wallet provider. If someone asks you to provide your private key, it is likely to be a scam.
  • Back up your wallet regularly: Backing up your wallet regularly can ensure that you can recover your cryptocurrency in the event of a lost or compromised wallet. You can store backups in a secure location, such as an offline device or hardware wallet.
  • Handle unknown emails or messages with care: Do not open or download emails or messages from unknown sources. These may contain malware or links that could lead to your wallet being compromised.
  • Ensure your computer and mobile devices are secure: Ensure that your computer and mobile devices have the latest antivirus and security updates to protect your devices from attacks.
  • Avoid using unknown Wi-Fi networks in public places, as these networks may be insecure and may be used by hackers to attack your wallet.
  • Ensure your wallet software is up to date: Ensure that your wallet software is the latest version. New versions often contain security updates and fixes that can help protect your wallet from attacks.
  • Stay up-to-date on the latest wallet security information: Stay informed about the latest information and events related to wallet security to help you stay aware of wallet security and take appropriate preventative measures.

Analysis and summary of blockchain security incidents in the first half of 2023

Through the analysis of the blockchain security incidents in the first half of 2023, it was found that on-chain applications were the most frequently attacked and the most costly type of project. There were 157 security incidents in the on-chain application field, 32 of which were based on contract vulnerabilities.

In the face of frequent security incidents, developers should further follow secure coding practices, audit contract code, and use mature security libraries to protect user rights. As users who use smart contracts, they should carefully select contracts and check their code and security before use, and choose a professional security company for auditing. When a security incident occurs, users can do very little, only by constantly improving their security awareness, discovering vulnerabilities in advance, solving vulnerabilities, and taking preventive measures can they avoid being attacked as much as possible.

This report provides information for reference and research only. The information comes from public channels. The author has tried his best to verify its accuracy and completeness, but cannot guarantee its accuracy and completeness, nor does he assume any loss or damage caused by the use or reliance on this information. The report should not be regarded as a recommendation or suggestion for any specific blockchain project or cryptocurrency investment, and readers should conduct their own research and decision-making. The content of this report cannot replace readers’ judgment and decision-making, nor can it guarantee the continued existence or realization of the situation described.