An attacker exploited a critical flaw in the Hyperbridge cross-chain gateway on Sunday, successfully minting 1 billion bridged Polkadot (DOT) tokens on the Ethereum network. Despite the massive nominal value of the minted assets, the attacker walked away with only $237,000 in ether after dumping the tokens into a shallow liquidity pool.
Security analysts confirmed that the incident was limited to the Hyperbridge gateway contract. Polkadot’s core network and its native DOT tokens remain secure and unaffected by the breach.
Anatomy of the Bridge Failure
The vulnerability originated in the way the Hyperbridge EthereumHost contract handles incoming cross-chain messages. According to on-chain data, the attacker bypassed state proof validation protocols by submitting a forged message through the 'dispatchIncoming' function.
This message was routed to the 'TokenGateway.onAccept' function, which failed to properly verify the request against a valid state commitment from the Polkadot network. Instead of confirming the proof, the system accepted an all-zeros commitment value, granting the attacker administrative control over the bridged token contract.
Once control was established, the attacker minted the 1 billion DOT tokens. However, the attempt to cash out faced a significant hurdle: the Ethereum-based DOT liquidity pool was not deep enough to absorb such a large volume of tokens. Consequently, the attacker was only able to extract approximately $237,000 before exhausting the available liquidity.
Bridges are increasingly becoming the focal point of decentralized finance security risks. Because these protocols often hold administrative powers over token contracts on destination chains, a single validation error can lead to total supply manipulation.
This event follows a trend of high-profile bridge incidents in 2026. Last month, attackers drained $270 million from the Drift Protocol on the Solana network. While the Hyperbridge incident resulted in a comparatively small financial loss, industry observers warn that the same underlying vulnerability could lead to catastrophic losses if applied to protocols with deeper liquidity or higher-value assets.
