Taiko Bridge Forged-Proof Exploit
A leaked SGX signing key in Taiko's public GitHub let an attacker forge bridge proofs and drain about $1.7M from the L1 Bridge and ERC20Vault on Ethereum.
An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.
A leaked SGX signing key in Taiko's public GitHub let an attacker forge bridge proofs and drain about $1.7M from the L1 Bridge and ERC20Vault on Ethereum.
A flawed Secret Network bridge contract let an attacker forge IBC packets and mint unbacked saTokens, draining roughly $4.67M of Axelar-bridged assets.
A proof-validation flaw in Syscoin's cross-chain bridge let an attacker mint roughly 5 billion unauthorized SYS — over five times the supply — worth just under $10M.
An attacker submitted forged guardian VAAs to Alephium's Wormhole-fork TokenBridge, draining about $815,000 of custody assets from Ethereum and BNB Chain in roughly seven minutes.
Gravity Bridge, the Cosmos-Ethereum cross-chain bridge, was drained of roughly $5.4 million after attackers apparently compromised validator signing keys and forged unauthorized withdrawals.
Verus-Ethereum bridge paid out $11.58M after an attacker submitted a 0.02 VRSC export — no source/destination value-binding check on either side.
$292M unbacked rsETH minted after attackers exploited KelpDAO's 1-of-1 LayerZero DVN setup; the largest DeFi hack of 2026, with TVL falling $13B after.
1B bridged DOT minted on Hyperbridge after a missing bounds check in VerifyProof let an attacker forge MMR proofs; realised loss ~$2.5M.
$4.3M drained from IoTeX's ioTube bridge via a validator key compromise; attacker also minted 111M CIOTX and 9.3M CCS. IoTeX pledged full user compensation.