Polkadot bridge exploit

A Polkadot bridge on Ethereum (Hyperbridge) was exploited after a forged cross‑chain message bypassed validation, letting the attacker mint roughly 1 billion bridged DOT tokens. The attacker appears to have cashed out only a small portion—reports put the realised take at about $237K–$250K while the forged supply reached ~$1B notional. (coindesk.com) (cryptobriefing.com)

A bridge is software that lets one blockchain recognize assets from another, the way a baggage tag lets one airport trust a suitcase from somewhere else. On April 13, Hyperbridge’s Ethereum gateway accepted a forged message and let an attacker mint 1 billion bridged Polkadot tokens on Ethereum. (blog.hyperbridge.network)

Hyperbridge said the realized loss was roughly $237,000, even though the forged supply carried about $1 billion in face value at prevailing prices. The attacker sold part of the fake tokens on decentralized exchanges for about 108.2 ether, according to CoinDesk and other on-chain reports. (coindesk.com) (decrypt.co)

The reason the cash-out stayed small is that bridged tokens need buyers and liquidity on the chain where they trade. On Ethereum, the attacker could print 1 billion bridged DOT, but shallow liquidity meant dumping them only produced a few hundred thousand dollars before the market price collapsed. (decrypt.co) (beincrypto.com)

Hyperbridge said the breach was isolated to bridged DOT on Ethereum and did not affect native DOT on the Polkadot relay chain, Polkadot parachains, or other bridged assets. The team said it paused all bridging operations shortly after detecting the exploit. (blog.hyperbridge.network)

That distinction matters because a bridged token is an Ethereum-side representation of an asset, not the asset on its home chain. In this case, the failure was in the bridge’s verification logic on Ethereum, not in Polkadot’s base network or token issuance. (blog.hyperbridge.network) (coindesk.com)

Hyperbridge said its Token Gateway was designed to verify transfers with cryptographic proofs instead of a trusted group of signers. The team said the exploit came from a flaw in Merkle Mountain Range proof verification, which let an invalid proof pass as valid and hand the attacker administrative control of the bridged DOT contract. (blog.hyperbridge.network)

Hyperbridge later said the root cause was missing input validation in the `VerifyProof` function of its HandlerV1 contract. BlockSec said the verifier did not enforce a check that `leaf_index` be smaller than `leafCount`, which opened the way for proof forgery. (blog.hyperbridge.network)

The exploit also forced exchanges to think about fake-deposit risk, where a platform might credit tokens that should never have existed. The Block reported that Upbit and Bithumb temporarily suspended deposits and withdrawals for Polkadot after signs of the incident spread. (theblock.co)

Bridge hacks have been one of crypto’s most expensive recurring failures, and Hyperbridge itself framed its design as an answer to that history. This time, the system built to remove human trust failed in the code that was supposed to replace it. (blog.hyperbridge.network)

Hyperbridge said it is working with security teams to track and recover funds and will resume bridging only after adding more security measures. For Polkadot holders, the immediate question is no longer whether 1 billion native DOT appeared out of nowhere, but when confidence in the Ethereum-side bridge can be restored. (blog.hyperbridge.network)
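The `leaf_index` < `leafCount` check that BlockSec describes, illustrated on a simplified power-of-two binary Merkle tree instead of a Merkle Mountain Range. This is an added example, not Hyperbridge's HandlerV1 code and not a reproduction of the exploit; every function name and the sample messages are constructed for illustration.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(value: bytes) -> bytes:
    return h(b"\x00" + value)  # domain-separate leaves from inner nodes

def node_hash(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)

def build_tree(leaves):
    # Assumption: len(leaves) is a power of two (keeps the example short).
    levels = [[leaf_hash(v) for v in leaves]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([node_hash(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

def make_proof(levels, index):
    proof = []
    for level in levels[:-1]:
        proof.append(level[index ^ 1])  # sibling at this level
        index >>= 1
    return proof

def fold(value, index, proof):
    node = leaf_hash(value)
    for sibling in proof:
        node = node_hash(sibling, node) if index & 1 else node_hash(node, sibling)
        index >>= 1
    return node

def verify_unchecked(root, value, leaf_index, leaf_count, proof):
    # Weak form: leaf_count is accepted but never compared with leaf_index.
    return fold(value, leaf_index, proof) == root

def verify_checked(root, value, leaf_index, leaf_count, proof):
    if leaf_count <= 0 or not 0 <= leaf_index < leaf_count:
        return False  # position must exist in the committed tree
    if len(proof) != (leaf_count - 1).bit_length():
        return False  # proof length must match the tree depth
    return fold(value, leaf_index, proof) == root

# Constructed sample data: four messages committed under one root.
LEAVES = [b"msg-0", b"msg-1", b"msg-2", b"msg-3"]
LEVELS = build_tree(LEAVES)
ROOT = LEVELS[-1][0]
PROOF_1 = make_proof(LEVELS, 1)
```

In the unchecked form the proof for position 1 also verifies as position 5, because only the low bits of the index steer the hashing; the checked form rejects any position outside the committed leaf count before hashing anything.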
