Hyperbridge Exploit Mints 1 Billion Unbacked DOT Tokens, Attacker Extracts $250,000 in ETH via Single Transaction
Summary
A sophisticated attacker exploited a missing input validation in Hyperbridge’s proof verification contract on Monday, minting over 1 billion unbacked Polkadot tokens on Ethereum and extracting approximately $250,000 in ETH — all within a single atomic transaction executed at 03:55 UTC on April 13.
The irony was not lost on observers: twelve days earlier, on April 1, Hyperbridge had posted an April Fools’ joke about being exploited. Monday’s bridge update was real.
The confirmed root cause, identified by blockchain security firm BlockSec Phalcon and corroborated by on-chain researcher Defi Nerd, was a missing bounds check in the VerifyProof() function of Hyperbridge’s HandlerV1 contract — the component responsible for authenticating cross-chain messages relayed via ISMP (Interoperability State Machine Protocol). The verifier failed to enforce that leaf_index must be less than leafCount. By submitting leafCount = 1 and leaf_index = 1, an attacker caused the CalculateRoot() function to skip incorporating the actual request commitment into root computation entirely, allowing any message content to pass verification against any historical overlay root. The proof was fully decoupled from the message it was meant to authenticate.
With proof validation neutralized, the attacker delivered a forged governance-style cross-chain message claiming to originate from Hyperbridge’s own governance source identifier. The message instructed TokenGateway — the contract responsible for minting and burning wrapped assets — to reassign admin rights over the bridged DOT token contract to the attacker’s sub-contract. From there, minting 1 billion DOT tokens was a single function call. The full position was swapped through Odos and Uniswap V4 for 108.2 ETH, forwarded back through the attacker’s contract chain, and withdrawn to an externally owned address. Total gas cost: 0.000339 ETH.
The same TokenGateway contract managed four assets, all hit in the same transaction. Beyond 1 billion DOT with a nominal face value of approximately $1.78 billion, the attacker also minted roughly 999 billion ARGN (Argon) tokens and targeted MANTA and CERE, though MEV bots partially captured proceeds from the latter two. Combined notional value of tokens minted exceeded $2.8 billion — a figure that vastly overstated real-world damage, as shallow Ethereum liquidity pools prevented the attacker from realizing more than a fraction of that sum.
The attacker’s wallet was 33 days old, seeded through RAILGUN’s privacy infrastructure, and had spent over a month deploying more than 15 test contracts against live protocol state. Custom zk-SNARK verification keys were pre-deployed via RAILGUN eight and a half months before the exploit — indicating preparation that began well before the vulnerability became public knowledge. Proceeds are currently being laundered through RAILGUN’s shielded pool in 15 ETH denominations. No bridge-out transactions from the primary exit wallet have been observed.
Polkadot confirmed that the exploit was isolated to DOT bridged through Hyperbridge on Ethereum and that the base Polkadot network, its parachains, and natively held DOT were unaffected. Hyperbridge has paused all bridging operations and advised partners to halt related transactions. A formal post-mortem and remediation timeline remain [unconfirmed].
