Skip to main content
Sign in
Alephium1 decision on this page

Audit log

Every state-changing event for Alephium: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-06-04 03:31:40Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 424,162,727
    sig
    21SCq5wXWTrP…sRn3vkZmexplorer ↗
    hash
    23T64ZnCMkNy…bpA8BDYGsha256 → base58
    verifying row…full verify ↗
    canonical bytes (18034 B) ▸
    {"actor":"system:backfill","investigation_id":"70a2e4e0-fb4c-405d-a273-42da16a1507b","kind":"publish","page_slug":"alephium","published_at":"2026-06-04T03:31:40.134Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Alephium","sections":[{"content":"Alephium is a Layer-1 blockchain developed by Alephium Ltd, headquartered in Switzerland. It was founded in 2018 by Cheng Wang, a PhD graduate of EPFL (Ecole Polytechnique Federale de Lausanne) who previously researched distributed consensus algorithms. The project introduced the BlockFlow sharding algorithm, a stateful UTXO model, a custom virtual machine called Alphred, and a consensus mechanism called Proof-of-Less-Work (PoLW), which the team claims reduces energy consumption relative to traditional Proof-of-Work chains. The mainnet launched on November 8, 2021. A pre-sale funding round of $3.6 million was completed in October 2021, with investors including Alphemy Capital and White Paper Capital. As of June 2026, the circulating supply is approximately 133.3 million ALPH against a maximum supply of 1 billion ALPH, with a market capitalization of approximately $4.5 million USD.","heading":"Background and Overview","severity":"low","sources":[{"credibility":1,"name":"Alephium Official Website","type":"official","url":"https://alephium.org/"},{"credibility":1,"name":"Alephium Documentation","type":"official","url":"https://docs.alephium.org/"},{"credibility":2,"name":"Alephium Mainnet Launch - TheNewsCrypto","type":"news_article","url":"https://thenewscrypto.com/alephium-launches-its-mainnet-providing-secure-smart-contracts/"},{"credibility":2,"name":"Alephium Funding - Messari","type":"research","url":"https://messari.io/project/alephium/fundraising"},{"credibility":2,"name":"Alephium Price Today - CoinMarketCap","type":"other","url":"https://coinmarketcap.com/currencies/alephium/"}]},{"content":"On May 29-30, 2026, Alephium's TokenBridge — a private fork of the Wormhole bridge protocol operating with only four guardians compared to Wormhole mainnet's nineteen — was exploited for approximately $815,000 across Ethereum and BNB Chain. The attack was detected by blockchain security firm Blockaid. The attacker completed the primary drain in approximately 64 seconds on Ethereum and then moved to BNB Chain within three seconds of completing the Ethereum leg, with the entire operation concluding in roughly seven minutes. Assets drained from Ethereum included 200,967.31 USDT, 17,594.63 USDC, 5.18 WETH, and 0.335 WBTC. From BNB Chain, an additional 36,750.106 USDT and 24.386 WBNB were removed. In addition to draining locked assets, the attacker minted 13,757,076.37 wrapped ALPH (wALPH) tokens on Ethereum without any corresponding ALPH being locked on the Alephium chain — a quantity that exceeded Alephium's entire prior Ethereum-side circulating wALPH supply. Approximately 500,000 of the minted wALPH tokens were sold on Uniswap before the team could act, while an additional approximately 400,000 entered liquidity pools. Proceeds from stolen assets were reported to have been partially routed through Tornado Cash for obfuscation.","heading":"May 2026 TokenBridge Exploit — $815,000 Drained","severity":"critical","sources":[{"credibility":2,"name":"Alephium Bridge Loses $815K to Forged Guardian Messages — The Defiant","type":"news_article","url":"https://thedefiant.io/news/hacks/alephium-bridge-815k-forged-guardian-messages"},{"credibility":2,"name":"Alephium Bridge Exploited for $815K, 13.76M Unbacked ALPH Minted — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/30/alephium-bridge-exploited-for-815k-13-76m-unbacked-alph-minted/"},{"credibility":2,"name":"Bridge Breach Unpacked: Alephium Traces $815K Hack Step by Step — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/03/bridge-breach-unpacked-alephium-traces-815k-hack-step-by-step/"},{"credibility":2,"name":"Fake Bridge Messages Let Hacker Drain $815,000 From Alephium — BeInCrypto","type":"news_article","url":"https://beincrypto.com/alephium-bridge-exploit-forged-messages/"},{"credibility":2,"name":"Alephium TokenBridge Hacked, $815,000 in Assets Stolen — Phemex","type":"news_article","url":"https://phemex.com/news/article/alephium-tokenbridge-hacked-815000-in-assets-stolen-86934"}]},{"content":"Initial reporting attributed the exploit to compromised guardian private keys, but subsequent analysis by Blockaid and Alephium's own post-mortem traced the root cause to an off-chain vulnerability in the bridge backend. The attacker began preparations at 02:36:23 UTC on May 30 by purchasing a small quantity of wALPH on Uniswap, then deployed a malicious smart contract at 06:30:47 UTC that used a LOG7 opcode to emit forged Wormhole-style messages. Between 07:00 and 09:00 UTC, the attacker caused deliberate connectivity disruptions to bridge nodes, forcing the system into a backup or fallback verification mode. This degraded state allowed the custom malicious contract's forged Verified Action Approvals (VAAs) to be observed and countersigned by the bridge's guardian nodes, which were tricked into treating them as legitimate events. The primary attack executed at 09:16:59 UTC and concluded on Ethereum by 09:17:59 UTC, with BNB Chain assets drained at 09:18:02 UTC. Alephium's post-mortem confirmed that the TokenBridge's smart contract code itself functioned as designed — the vulnerability was entirely in the off-chain backend infrastructure. The bridge used a reduced guardian set of four operators (identified as Swiss entities Bity and Alt, and community operator NoTrustVerify), with a quorum threshold of three required. Three of four guardian keys were apparently leveraged in the attack, meeting the signing quorum for the forged transfers.","heading":"Attack Mechanism and Root Cause","severity":"critical","sources":[{"credibility":2,"name":"Bridge Breach Unpacked: Alephium Traces $815K Hack Step by Step — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/03/bridge-breach-unpacked-alephium-traces-815k-hack-step-by-step/"},{"credibility":2,"name":"Alephium Reveals Cause of $815K Bridge Exploit, Promises Compensation — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/30/alephium-reveals-cause-of-815k-bridge-exploit-promises-compensation/"},{"credibility":2,"name":"Alephium Bridge Loses $815K to Forged Guardian Messages — The Defiant","type":"news_article","url":"https://thedefiant.io/news/hacks/alephium-bridge-815k-forged-guardian-messages"}]},{"content":"Alephium shut the TokenBridge down immediately upon detection and stated that the exploit pathway was fully neutralized. The team publicly warned users to withdraw liquidity from ALPH-paired pools on Uniswap and PancakeSwap. On June 2, 2026, Alephium executed a governance upgrade to burn the unauthorized wALPH held in the attacker's wallet. A total of 13,257,077.37295 wALPH was destroyed, representing approximately 96.4% of the fraudulently minted supply. The remaining approximately 500,000 wALPH that had already entered market trading remained in circulation; Alephium committed to injecting native ALPH to fully back those tokens and prevent losses to secondary holders. The team also stated that ALPH locked within the bridge itself was not drained, preserving the recovery path for users with bridged assets. On June 3, 2026, Alephium published a step-by-step post-mortem tracing the full attack sequence. Compensation details for affected bridge users were promised as a forthcoming announcement. A full bridge relaunch is planned pending comprehensive security review, with the team stating: 'We prioritize security over speed.'","heading":"Team Response and Recovery Actions","severity":"high","sources":[{"credibility":2,"name":"Alephium Burns Unauthorized wALPH After Bridge Attack — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/03/alephium-burns-unauthorized-walph-after-bridge-attack/"},{"credibility":2,"name":"Alephium Reveals Cause of $815K Bridge Exploit, Promises Compensation — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/30/alephium-reveals-cause-of-815k-bridge-exploit-promises-compensation/"},{"credibility":2,"name":"Bridge Breach Unpacked: Alephium Traces $815K Hack Step by Step — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/03/bridge-breach-unpacked-alephium-traces-815k-hack-step-by-step/"}]},{"content":"The Alephium TokenBridge operated as a private fork of the Wormhole guardian-model bridge with a significantly reduced trust surface: four guardians versus Wormhole's nineteen on mainnet. The exploit exposed systemic risks inherent in small-quorum guardian-model designs, where a smaller number of validators must be compromised or deceived to meet the signing threshold. The attack did not require compromising guardian key material directly — instead, it manipulated the off-chain message-observation layer to make guardians countersign forged events during a period of induced infrastructure instability. The June 3 post-mortem described this as an off-chain bridge infrastructure risk common to guardian-model designs broadly, not an Alephium-specific smart contract flaw. The total loss of $815,000 is disproportionately large relative to Alephium's market capitalization of approximately $4.5 million at the time of the exploit. The incident highlights the gap between on-chain contract correctness and off-chain infrastructure security in cross-chain bridge systems.","heading":"Bridge Architecture Risk and Guardian Model Concerns","severity":"high","sources":[{"credibility":2,"name":"Bridge Breach Unpacked: Alephium Traces $815K Hack Step by Step — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/03/bridge-breach-unpacked-alephium-traces-815k-hack-step-by-step/"},{"credibility":2,"name":"Alephium Bridge Loses $815K to Forged Guardian Messages — The Defiant","type":"news_article","url":"https://thedefiant.io/news/hacks/alephium-bridge-815k-forged-guardian-messages"},{"credibility":2,"name":"Alephium warns to withdraw liquidity — Bitget News","type":"news_article","url":"https://www.bitget.com/asia/amp/news/detail/12560605436315"}]},{"content":"At the time of the exploit on May 30, 2026, ALPH was trading in the range of approximately $0.036 to $0.041 with a market capitalization below $6 million. The unauthorized minting of 13.76 million wALPH exceeded the prior total Ethereum-side circulating wALPH supply, representing a significant inflation event on the Ethereum-mirrored asset. Approximately 500,000 wALPH were sold on Uniswap before the team could intervene, suppressing the wALPH price and creating losses for holders who transacted against that liquidity. As of June 3, 2026, CoinMarketCap reported ALPH at approximately $0.034 with a market cap of approximately $4.56 million, down roughly 13% over the prior seven days, reflecting post-exploit market pressure. The bridge remains offline as of the investigation date.","heading":"Market Impact","severity":"high","sources":[{"credibility":2,"name":"Alephium Price Today — CoinMarketCap","type":"other","url":"https://coinmarketcap.com/currencies/alephium/"},{"credibility":2,"name":"Alephium Bridge Exploited for $815K, 13.76M Unbacked ALPH Minted — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/30/alephium-bridge-exploited-for-815k-13-76m-unbacked-alph-minted/"}]},{"content":"No regulatory actions, SEC or CFTC enforcement proceedings, or legal filings involving Alephium or its founders were identified in publicly available records as of the investigation date. Alephium is incorporated and operates from Switzerland.","heading":"Regulatory and Legal History","severity":"low","sources":[]}],"sources_used":[{"credibility":2,"name":"Alephium Bridge Loses $815K to Forged Guardian Messages — The Defiant","type":"news_article","url":"https://thedefiant.io/news/hacks/alephium-bridge-815k-forged-guardian-messages"},{"credibility":2,"name":"Alephium Bridge Exploited for $815K, 13.76M Unbacked ALPH Minted — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/30/alephium-bridge-exploited-for-815k-13-76m-unbacked-alph-minted/"},{"credibility":2,"name":"Alephium Reveals Cause of $815K Bridge Exploit, Promises Compensation — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/05/30/alephium-reveals-cause-of-815k-bridge-exploit-promises-compensation/"},{"credibility":2,"name":"Bridge Breach Unpacked: Alephium Traces $815K Hack Step by Step — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/03/bridge-breach-unpacked-alephium-traces-815k-hack-step-by-step/"},{"credibility":2,"name":"Alephium Burns Unauthorized wALPH After Bridge Attack — CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/06/03/alephium-burns-unauthorized-walph-after-bridge-attack/"},{"credibility":2,"name":"Fake Bridge Messages Let Hacker Drain $815,000 From Alephium — BeInCrypto","type":"news_article","url":"https://beincrypto.com/alephium-bridge-exploit-forged-messages/"},{"credibility":2,"name":"Alephium TokenBridge Hacked, $815,000 in Assets Stolen — Phemex","type":"news_article","url":"https://phemex.com/news/article/alephium-tokenbridge-hacked-815000-in-assets-stolen-86934"},{"credibility":2,"name":"Alephium warns to withdraw liquidity — Bitget News","type":"news_article","url":"https://www.bitget.com/asia/amp/news/detail/12560605436315"},{"credibility":1,"name":"Alephium Official Website","type":"official","url":"https://alephium.org/"},{"credibility":1,"name":"Alephium Documentation","type":"official","url":"https://docs.alephium.org/"},{"credibility":2,"name":"Alephium Price Today — CoinMarketCap","type":"other","url":"https://coinmarketcap.com/currencies/alephium/"},{"credibility":2,"name":"Alephium Funding — Messari","type":"research","url":"https://messari.io/project/alephium/fundraising"},{"credibility":2,"name":"Alephium Mainnet Launch — TheNewsCrypto","type":"news_article","url":"https://thenewscrypto.com/alephium-launches-its-mainnet-providing-secure-smart-contracts/"},{"credibility":3,"name":"Cheng Wang — Architect of Alephium's Vision, The W3 Journal","type":"news_article","url":"https://thew3journal.com/cheng-wang-the-architect-of-alephiums-vision.html"}],"summary":"Alephium is a Swiss-founded Proof-of-Work Layer-1 blockchain launched November 8, 2021, featuring sharded smart contracts and the Proof-of-Less-Work consensus mechanism. On May 29-30, 2026, its TokenBridge was exploited for approximately $815,000 in approximately seven minutes via an off-chain backend vulnerability that allowed forged guardian messages to authorize unauthorized transfers and the minting of 13.76 million unbacked wrapped ALPH tokens. The team took the bridge offline, burned the unauthorized tokens, and committed to full user compensation.","timeline":[{"date":"2018-01-01","event":"Cheng Wang begins building Alephium, developing the BlockFlow sharding algorithm and Proof-of-Less-Work consensus mechanism.","source":"Alephium founder biography — The W3 Journal","source_url":"https://thew3journal.com/cheng-wang-the-architect-of-alephiums-vision.html"},{"date":"2021-10-06","event":"Alephium closes a $3.6 million pre-sale funding round with investors including Alphemy Capital and White Paper Capital.","source":"Messari fundraising data","source_url":"https://messari.io/project/alephium/fundraising"},{"date":"2021-11-08","event":"Alephium mainnet launches. Network hashrate reaches six-month projections within 48 hours.","source":"TheNewsCrypto — Alephium mainnet launch","source_url":"https://thenewscrypto.com/alephium-launches-its-mainnet-providing-secure-smart-contracts/"},{"date":"2026-05-30","event":"At approximately 02:36 UTC, attacker purchases a small amount of wALPH on Uniswap as preparation. At 06:30:47 UTC, a malicious contract emitting forged Wormhole messages is deployed. Between 07:00 and 09:00 UTC, bridge connectivity is disrupted, pushing the system into fallback validation mode. At 09:16:59 UTC the main attack begins. By 09:17:59 UTC, $815,000 in assets (USDT, USDC, WETH, WBTC) is drained from Ethereum and 13,757,076 unbacked wALPH minted. BNB Chain assets (USDT, WBNB) drained at 09:18:02 UTC. Alephium takes the bridge offline and warns users to remove liquidity from Uniswap and PancakeSwap pools.","source":"CryptoTimes — Bridge Breach Unpacked (post-mortem)","source_url":"https://www.cryptotimes.io/2026/06/03/bridge-breach-unpacked-alephium-traces-815k-hack-step-by-step/"},{"date":"2026-05-30","event":"Alephium publishes initial response, clarifying the exploit stemmed from an off-chain backend vulnerability rather than compromised guardian keys, and commits to compensating affected users.","source":"CryptoTimes — Alephium Reveals Cause","source_url":"https://www.cryptotimes.io/2026/05/30/alephium-reveals-cause-of-815k-bridge-exploit-promises-compensation/"},{"date":"2026-06-02","event":"Alephium executes a governance upgrade to burn 13,257,077.37295 wALPH held in the attacker's wallet, covering approximately 96.4% of the fraudulently minted supply. Approximately 500,000 wALPH that had already been sold on Uniswap remain in circulation; team commits to backing these with native ALPH.","source":"CryptoTimes — Alephium Burns Unauthorized wALPH","source_url":"https://www.cryptotimes.io/2026/06/03/alephium-burns-unauthorized-walph-after-bridge-attack/"},{"date":"2026-06-03","event":"Alephium publishes detailed step-by-step post-mortem tracing the full attack sequence, including preparation transactions, malicious contract deployment, and execution timeline. Compensation plan for affected bridge users promised as forthcoming.","source":"CryptoTimes — Bridge Breach Unpacked","source_url":"https://www.cryptotimes.io/2026/06/03/bridge-breach-unpacked-alephium-traces-815k-hack-step-by-step/"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision d04613ea-7bc7-4f88-97ae-a55dceb4b5c8
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.