The Wormhole Hack and the Future of Biometrics

Sandra Mathews

Mar 28, 2022

It’s only February. The new year has just barely begun – and we already have a major contender for the biggest cryptocurrency hack of the year. Here’s what happened –

On Wednesday, February 2nd, 2022, Wormhole, a “token bridge” making it possible to shift cryptocurrency holdings between blockchains, was exploited. This happened between Solana and Ethereum. The result was a big “pay day” for a hacker (or maybe a group of hackers), to the tune of around $320 million.

How did this happen, why did it happen, and when are we going to read our last article about these kinds of huge hacks? You may recall the Poly Network crypto heist of 2021 where $600 million was stolen (with most of it later returned). And there have been many more (click here for a great Cointelegraph article that discusses crypto heists and why they happen). 

There have been, and will continue to be, many proposed solutions for how to stop these kinds of hacks from threatening crypto communities, and there is zero doubt that hackers will continue to try to find ways to beat all attempts to stop them. For example, let’s discuss 2FA (two-factor authentication). 2FA usually involves an alphanumeric password and a six-digit code sent to your phone. Seems good, right?

Wrong. Typical 2FA is little more than a minor inconvenience to a skilled hacker. It is kind of like the 21st century equivalent of cracking the combination to an old-school safe. A far better solution is biometrics. It is very, very difficult to hack accounts that are secured with biometrics. Could the $321 M Wormhole hack have been prevented if the only way to access the bridge was to use biometrics? Perhaps face and voice biometric solutions like those offered by Finnovant’s Say Tec could have helped in the same way biometric authentication helps keep fraudsters out of your cryptocurrency wallet (that is, if you are using a wallet like Krptic which is secured by face, voice, or face + voice biometrics).

Unless future hacks like the one on the Wormhole Bridge can be prevented, bridges may have to become a thing of the past – very quickly. Ethereum founder, Vitalik Buterin, has been quoted as saying that bridges like Wormhole don’t have a very bright future since there are “fundamental limits to the security of bridges that hop across multiple zones of sovereignty.”