Hyperbridge Vulnerability Enables Minting Bridged DOT
Hyperbridge Vulnerability Enables Minting Bridged DOT
A recent exploit has led to the minting of 1 billion bridged DOT tokens on Ethereum, resulting in approximately $237,000 in losses. The hyperbridge vulnerability has raised concerns about the security of cross-chain bridges.
Understanding the Exploit
The attacker took advantage of a vulnerability in Hyperbridge's gateway contract to mint the bridged DOT tokens. According to CertiK, the attacker forged a message to seize administrative control of the DOT token contract on Ethereum.
Technical Details
Blockchain analytics firm Blocksec Falcon pointed to a replay vulnerability in Merkle Mountain Range (MMR) proofs as the likely root cause. This vulnerability originated from the absence of binding between the proof and its corresponding request.
Impact on the Polkadot Ecosystem
The exploit has had a significant impact on the Polkadot ecosystem, with the price of native DOT falling nearly 4% to $1.18. South Korean exchanges Upbit and Bithumb temporarily suspended deposits and withdrawals of the asset as a precautionary measure.
Consequences for Hyperbridge
The incident has severely questioned Hyperbridge's promise of full node security for cross-chain bridges. The protocol has paused its operations while the team works on an update.
Key Takeaways
- The hyperbridge vulnerability enabled the minting of 1 billion bridged DOT tokens on Ethereum.
- The exploit resulted in approximately $237,000 in losses.
- The incident has raised concerns about the security of cross-chain bridges.
- Hyperbridge has paused its operations while the team works on an update.
Frequently Asked Questions
What is the hyperbridge vulnerability?
The hyperbridge vulnerability is a security flaw that allows attackers to mint bridged DOT tokens on Ethereum.
How much did the exploit cost?
The exploit resulted in approximately $237,000 in losses.
