On July 11, 2021, the ChainSwap cross-chain bridge linking Ethereum and Binance Smart Chain was exploited for approximately $4 million across 20+ different tokens. The attacker exploited a vulnerability in ChainSwap's smart contract to mint arbitrary tokens on BSC for any project using the bridge. Most affected tokens crashed 95% or more within minutes as the freshly-minted supply hit PancakeSwap.
What happened
ChainSwap operated as the cross-chain rails for dozens of small-cap DeFi projects that wanted Ethereum-BSC interoperability without building their own bridges. Projects deployed ChainSwap-managed contracts on both chains; the bridge handled the minting and burning of tokens during cross-chain transfers.
The vulnerability lived in ChainSwap's mint authorisation logic on the BSC side. The contract was supposed to verify that each minting request had been authorised by a corresponding burn on the Ethereum side. The verification was inadequate — the attacker found a path through which they could submit mint requests without corresponding burns and have them accepted.
With control over the mint function for every project's bridged tokens, the attacker:
- Minted arbitrary amounts of each project's BSC-side token to their own address.
- Sold the freshly-minted tokens on PancakeSwap, which was the primary liquidity venue for most of these long-tail tokens.
- Crashed each token's price by 95% or more as the inflated supply overwhelmed the available liquidity.
Affected projects included:
- Wilder World (WILD)
- Antimatter (MATTER)
- Option Room (ROOM)
- Umbrella Network (UMB)
- Blank, Nord Finance (NORD), Razor Network (RAZOR)
- Peri, Unido (UDO), Oro, Vortex (VTX)
- Corra (CORA), ROCKS, Dafi, Unifarm (UFARM)
- ChainSwap's own native token ASAP
Aftermath
- ChainSwap paused the bridge and began coordinating with affected projects on recovery plans.
- Most affected projects launched token migrations to new contracts and snapshot-distributed new tokens to pre-incident holders.
- The recovery was uneven — some projects emerged stable, others never recovered their pre-incident market positions.
- Stolen funds were laundered through Tornado Cash and similar services.
Why it matters
ChainSwap is one of the cleanest cases for how a single shared-infrastructure compromise cascades across an entire ecosystem of dependent projects. None of the 20+ affected projects had a smart contract bug themselves — they had all simply trusted ChainSwap's bridge to handle the cross-chain mint/burn correctly. When ChainSwap was broken, every project that used it suffered nearly identical economic damage.
The structural lessons:
- Bridge selection is a project-level security decision, not just an operational choice. The bridge inherits trust over the project's bridged-token supply on every connected chain.
- Shared mint authority is a single point of failure for the entire user base of every dependent token. Projects that relied on ChainSwap's authorisation should have monitored the bridge's behaviour independently rather than trusting its outputs.
- Long-tail tokens are particularly vulnerable to bridge incidents because their liquidity is thin enough that even modest amounts of inflated supply collapse their prices. Major tokens with deep liquidity weather similar incidents at much smaller percentage impact.
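One way a dependent project could monitor the bridge independently, as an added example that is not ChainSwap's code or any affected project's: reconcile every destination-chain mint against a source-chain burn and report supply with no backing. The event fields, the `transfer_id` key and the sample records are assumptions constructed for illustration, and the check makes no claim about the exact flaw, which this page does not detail.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample events, not real chain data. Field names are assumptions.
SOURCE_BURNS = [  # burns observed on the source chain (Ethereum side)
    {"token": "TOKEN_A", "transfer_id": "t1", "amount": Decimal("100")},
    {"token": "TOKEN_A", "transfer_id": "t2", "amount": Decimal("250")},
    {"token": "TOKEN_B", "transfer_id": "t3", "amount": Decimal("40")},
]
DEST_MINTS = [  # mints observed on the destination chain (BSC side)
    {"token": "TOKEN_A", "transfer_id": "t1", "amount": Decimal("100")},
    {"token": "TOKEN_A", "transfer_id": "t2", "amount": Decimal("250")},
    {"token": "TOKEN_A", "transfer_id": "t9", "amount": Decimal("5000000")},  # no burn
    {"token": "TOKEN_B", "transfer_id": "t3", "amount": Decimal("400")},  # more than burned
    {"token": "TOKEN_A", "transfer_id": "t1", "amount": Decimal("100")},  # id reused
]


def reconcile(burns, mints):
    """Return (alerts, unbacked supply per token) for mints lacking a matching burn."""
    burned = {(b["token"], b["transfer_id"]): b["amount"] for b in burns}
    seen = set()                     # transfer ids already honoured by a mint
    alerts = []
    unbacked = defaultdict(Decimal)  # Decimal() == 0
    for m in mints:
        key = (m["token"], m["transfer_id"])
        if key not in burned:
            reason, excess = "mint_without_burn", m["amount"]
        elif key in seen:
            reason, excess = "duplicate_mint", m["amount"]
        else:
            seen.add(key)
            if m["amount"] == burned[key]:
                continue             # mint fully backed by its burn
            reason = "amount_mismatch"
            excess = max(m["amount"] - burned[key], Decimal(0))
        alerts.append((m["token"], m["transfer_id"], reason))
        unbacked[m["token"]] += excess
    return alerts, dict(unbacked)


if __name__ == "__main__":
    alerts, unbacked = reconcile(SOURCE_BURNS, DEST_MINTS)
    for token, transfer_id, reason in alerts:
        print(f"ALERT {token} {transfer_id}: {reason}")
    for token, amount in unbacked.items():
        print(f"{token}: {amount} minted without backing")
```

Any non-empty alert list is a signal for the project to pause its own token's bridge integration or alert liquidity providers, independent of what the bridge itself reports.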
The 2022 cascade of bridge failures — Wormhole, Ronin, Nomad, Harmony — built on the structural lessons ChainSwap had foreshadowed at smaller scale. By 2022, bridge-related TVL became one of the largest single risk concentrations in all of DeFi.
Sources & on-chain evidence
- [01] chain-swap.medium.com: https://chain-swap.medium.com/chainswap-exploit-11-july-2021-post-mortem-6e4e346e5a32
- [02] decrypt.co: https://decrypt.co/75698/chainswap-exploit-leads-to-multi-million-loss-for-defi-tokens
- [03] halborn.com: https://halborn.com/explained-the-chainswap-hack-july-2021/