Worries about the stability of Multichain and its total value locked (TVL) of $1.5 billion, sparked a major sell-off of the project’s token, MULTI, yesterday.
The panic was triggered by a tweet claiming that users were reporting delays in receiving assets across the bridge and that an insider was dumping tokens.
A transfer of almost 500,000 MULTI (worth approximately $3.2 million at the time) was made from an address suspected to be either a Multichain team member or an investor. The tokens, which hadn’t been touched since they were first received over a year ago, were sent to the centralized exchange Gate.io, where users inferred they would be sold off.
An address related to the @MultichainOrgteam, 0xb4df, transferred 494,200 $MULTI (3.17M) to@gate_io one hour ago.
— 0xScope (🪬 . 🪬) (@ScopeProtocol) May 24, 2023
Previously, Several users reported in Discord that their cross-chain assets have not arrived for a long time.
Currently, the price of $MULTI has dropped by 14%. pic.twitter.com/1xOAugnFCV
The tweet was then reported by a Chinese-language account, which began to pick up traction due to ambiguity in Twitter’s automated translation, “Hearing the news, Multichain is said to have been arrested, and the cold wallet was controlled, with about 1.5B of funds.”
Rumors then began to spread that the team had been apprehended by Chinese authorities and that assets locked in the bridge may be compromised.
Multichain had published an announcement the day before, warning that certain routes would face delays due to a back-end upgrade; however, the team’s communications in response to the worries left much to be desired.
Eight hours after 0xScope’s original tweet, Multichain responded to the rumors with a statement of its which only led to more questions:
While most of the cross-chain routes of Multichain protocol are functioning well, some of the cross-chain routes are unavailable due to force majeure, and the time for service to resume is unknown. After service is restored, pending transactions will be credited automatically.…
— Multichain (Previously Anyswap) (@MultichainOrg) May 24, 2023
Read more: Explained: Why hackers keep exploiting cross-blockchain bridges
The panic, coupled with the lack of clarity from the team, resulted in a major sell-off of the project’s tokens. The price of MULTI, which had already been dropping since the weekend, fell from around $6.50 to below $4.90 at the time of writing.
Today, users are still waiting on a more detailed statement from the team, MULTI continues to drop in price, and Binance has announced a temporary suspension of deposits for certain Multichain assets.
Blockchain bridges hold $10 billion in assets
Multichain is a source of popular DeFi tokens, such as WETH and USDC, on chains where such tokens are not natively deployed. This means that the value of Multichain tokens on these other chains is derived solely from their counterparts locked in the Ethereum side of the bridge.
The blockchain most dependent on Multichain-backed assets is Fantom. Almost 200 million USDC, 230 million of other stablecoins (MAI, fUSD, and DAI), and $50 million worth of WETH on Fantom are Multichain tokens, according to the project’s dashboard.
If Multichain were to be compromised (or hacked, as happened in 2021 before a rebrand from Anyswap) the bridged tokens would rapidly become worthless without their mainnet backing.
Blockchain bridges hold a combined $10 billion in assets, making them the fourth largest category of DeFi protocol, according to DeFiLlama. They are critical infrastructure for moving assets between blockchains, each of which is a closed system.
Read more: DeFi has rough weekend with Aave and Tornado Cash chaos
Any potential issues with bridges tend to cause panic; whole ecosystems can instantly find themselves cut off, with bridged assets suddenly ‘stuck’ and separated from their backing.
Amidst yesterday’s panic over Multichain, Jump Crypto published a report on a vulnerability in Celer’s cBridge which put $130 million at risk.
The immense concentration of funds also makes bridges a prime target for hackers. Last year saw a number of nine-figure bridge exploits, including Binance’s BNB Bridge, Nomad, Ronin and Wormhole.