Potential catastrophic hack involving @hyperbridge and $DOT
$1 BILLION in Polkadot tokens minted out of nothing
Dumped for just $237,000
The only saving grace from absolute chaos was lack of liquidity
Here's exactly what happened:
Someone forged a cross-chain message on Hyperbridge's EthereumHost contract
The state proof check, the ONE thing standing between a valid message and an unlimited mint, stored an all-zeros commitment
The bridge processed it as legitimate
So the attacker called changeAdmin on the bridged DOT contract and gave themselves full control 🤯
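The failure described above, as an added example that is not part of the original post and not Hyperbridge's EthereumHost code: a Python model of a bridge host that keeps one trusted state root per height and checks an inbound message's Merkle proof against it. The "unchecked" handler shows the bug class the post describes, an unset storage slot reading as all zeros and being compared against a proof result that can also be all zeros, so the forged message passes. The hardened handler refuses an unset commitment and refuses zero as a root. The Merkle layout, the `BridgeHost` class, the heights, the batch contents and the `changeAdmin` placeholder message are all constructed for the example.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

ZERO = b"\x00" * 32  # what an EVM storage slot reads as when nothing was ever written


def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def leaf_hash(message: bytes) -> bytes:
    # Domain-separate leaves from inner nodes so a node hash can't be replayed as a leaf.
    return _h(b"\x00", message)


def merkle_root_and_proof(messages: List[bytes], index: int) -> Tuple[bytes, List[Tuple[bytes, bool]]]:
    """Build a binary Merkle tree over the messages; return (root, proof for messages[index]).
    Each proof step is (sibling hash, sibling_is_on_the_right)."""
    level = [leaf_hash(m) for m in messages]
    proof: List[Tuple[bytes, bool]] = []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])  # pad odd levels by duplicating the last node
        proof.append((level[index ^ 1], index % 2 == 0))
        level = [_h(b"\x01", level[i], level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], proof


def compute_root(leaf: bytes, proof: List[Tuple[bytes, bool]]) -> bytes:
    """Fold the proof back up to the root. An empty proof means the leaf is the root."""
    node = leaf
    for sibling, sibling_on_right in proof:
        node = _h(b"\x01", node, sibling) if sibling_on_right else _h(b"\x01", sibling, node)
    return node


def compute_root_lenient(leaf: bytes, proof: List[Tuple[bytes, bool]]) -> bytes:
    # Anti-pattern (constructed for this example): a malformed proof yields ZERO as an
    # "error value" instead of failing loudly, so ZERO becomes a reachable "root".
    if not proof:
        return ZERO
    return compute_root(leaf, proof)


@dataclass
class BridgeHost:
    commitments: Dict[int, bytes] = field(default_factory=dict)  # height -> trusted state root

    def store_commitment(self, height: int, root: bytes) -> None:
        self.commitments[height] = root

    def stored_commitment(self, height: int) -> bytes:
        # Mimics a Solidity mapping: an unknown key silently reads as all zeros.
        return self.commitments.get(height, ZERO)

    def handle_unchecked(self, height: int, message: bytes, proof) -> bool:
        # Vulnerable shape: "computed root == stored root" with no check that either is set.
        return compute_root_lenient(leaf_hash(message), proof) == self.stored_commitment(height)

    def handle(self, height: int, message: bytes, proof) -> bool:
        stored = self.stored_commitment(height)
        if stored == ZERO:
            return False  # nothing was ever finalized for this height: nothing to verify against
        root = compute_root(leaf_hash(message), proof)
        if root == ZERO:
            return False  # the all-zeros value is never a legitimate root
        return root == stored


def demo() -> Dict[str, bool]:
    """Constructed scenario: one finalized batch at height 100, then a message for a height never finalized."""
    host = BridgeHost()
    batch = [b"transfer:alice:100", b"transfer:bob:5", b"transfer:carol:42"]
    root, proof = merkle_root_and_proof(batch, 1)
    host.store_commitment(100, root)
    unproven = b"changeAdmin:<placeholder address>"  # constructed message with no real proof behind it
    return {
        "genuine_unchecked": host.handle_unchecked(100, batch[1], proof),
        "genuine_checked": host.handle(100, batch[1], proof),
        "unproven_unchecked": host.handle_unchecked(999, unproven, []),  # ZERO == ZERO slips through
        "unproven_checked": host.handle(999, unproven, []),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The two explicit zero checks are cheap, but the deeper fix is structural: a proof verifier must never return a sentinel value on bad input, and a host must distinguish "no commitment stored" from "commitment is zero" rather than letting the storage default stand in for both.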
They minted 1 billion tokens in a single transaction and routed through Odos Router V3 into Uniswap V4
108 ETH out, roughly $237K
That's it!
The only reason this wasn't a total DOT killer?
The pool was too shallow: 1 billion tokens overwhelmed the available liquidity and the price collapsed instantly
Basically just good luck and certainly not good security measures
And before anyone calls this an edge case:
Ronin: $600M
Wormhole: $320M
Nomad: $190M
Drift: $280M last month
Same attack surface, different day
Bridges hold admin-level control over token contracts on destination chains.
One validation failure doesn't just trigger an alarm, it hands someone the keys to the mint
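To make the "keys to the mint" point concrete, here is an added example (not code from the post or from Hyperbridge) of two controls a destination-chain token can enforce regardless of what the bridge gateway says: a rolling cap on how much the gateway may mint per window, and a two-step, delayed admin rotation that the gateway account cannot initiate at all. Everything in it is constructed: the `BridgedToken` class, the account names, the window length and cap, and the block numbers in the scenario.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


@dataclass
class BridgedToken:
    """Toy bridged token: the gateway may mint, but only within a rolling cap,
    and admin changes are two-step behind a delay. All numbers are constructed."""
    gateway: str
    admin: str
    window_blocks: int = 7200          # assume roughly one day at 12 s blocks
    window_cap: int = 10_000_000       # max units the gateway may mint per window
    admin_delay_blocks: int = 7200     # delay before a proposed admin can take over
    balances: Dict[str, int] = field(default_factory=dict)
    minted_in_window: int = 0
    window_start: int = 0
    pending_admin: Optional[Tuple[str, int]] = None  # (new admin, earliest block it may accept)

    # --- minting: bounded even if the gateway itself is compromised ---
    def mint(self, caller: str, to: str, amount: int, block: int) -> None:
        if caller != self.gateway:
            raise PermissionError("only the gateway may mint")
        if block - self.window_start >= self.window_blocks:
            self.window_start, self.minted_in_window = block, 0  # rolling window reset
        if self.minted_in_window + amount > self.window_cap:
            raise ValueError(f"mint of {amount} exceeds remaining window cap "
                             f"{self.window_cap - self.minted_in_window}")
        self.minted_in_window += amount
        self.balances[to] = self.balances.get(to, 0) + amount

    # --- admin rotation: propose, wait, accept; cancellable in between ---
    def propose_admin(self, caller: str, new_admin: str, block: int) -> None:
        if caller != self.admin:
            raise PermissionError("only the current admin may propose a successor")
        self.pending_admin = (new_admin, block + self.admin_delay_blocks)

    def cancel_pending_admin(self, caller: str) -> None:
        if caller != self.admin:
            raise PermissionError("only the current admin may cancel")
        self.pending_admin = None

    def accept_admin(self, caller: str, block: int) -> None:
        if self.pending_admin is None:
            raise ValueError("no pending admin")
        new_admin, earliest = self.pending_admin
        if caller != new_admin:
            raise PermissionError("only the proposed admin may accept")
        if block < earliest:
            raise ValueError(f"delay not elapsed; earliest block is {earliest}")
        self.admin, self.pending_admin = new_admin, None


def demo() -> Dict[str, object]:
    """Constructed scenario: the gateway account is assumed compromised at block 1000."""
    token = BridgedToken(gateway="gateway", admin="multisig")
    out: Dict[str, object] = {}

    try:  # a single 1-billion mint is refused outright
        token.mint("gateway", "attacker", 1_000_000_000, 1000)
        out["huge_mint"] = "accepted"
    except ValueError as e:
        out["huge_mint"] = f"rejected: {e}"

    token.mint("gateway", "attacker", 10_000_000, 1001)  # the whole window cap, still bounded
    try:
        token.mint("gateway", "attacker", 1, 1002)
        out["over_cap"] = "accepted"
    except ValueError:
        out["over_cap"] = "rejected"
    out["minted_total"] = token.balances.get("attacker", 0)

    try:  # the gateway is not the admin, so it cannot even start a takeover
        token.propose_admin("gateway", "attacker", 1003)
        out["propose_from_gateway"] = "accepted"
    except PermissionError:
        out["propose_from_gateway"] = "rejected"

    token.propose_admin("multisig", "new-multisig", 2000)  # legitimate rotation
    try:
        token.accept_admin("new-multisig", 2001)  # too early
        out["accept_early"] = "accepted"
    except ValueError:
        out["accept_early"] = "rejected"
    token.accept_admin("new-multisig", 2000 + 7200)
    out["admin_after_delay"] = token.admin
    return out
```

The cap turns a validation failure in the bridge from "unlimited mint" into "at most one window's worth", and the delay on admin rotation gives monitoring and the existing admin time to cancel before a hostile successor can act; neither control depends on the bridge's proof check being correct.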
CertiK confirmed the attack vector already
Hyperbridge hasn't said a word about whether other bridged token contracts using the same gateway are vulnerable
This is the bridge problem and we're nowhere close to solving it
Mass adoption?
We can't safely move assets between chains because most bridges and overall Web3 security standards are a dumpster fire
Today's $237K accident is next month's $237M
$DOT