BridgeLink / CrossFlow / Relay Protocol — June 14 Cross-Chain Exploit ($127M)
Summary
BridgeLink, CrossFlow, and Relay Protocol are three DeFi bridge protocols alleged to have been drained of a combined $127 million in a coordinated cross-chain exploit beginning at 03:42 UTC on June 14, 2026. The incident is described as exploiting a signature replay vulnerability combined with premature finality acceptance across Ethereum, Arbitrum, and Polygon. As of June 16, 2026, no Tier 1 or Tier 2 sources — including CoinDesk, The Block, Reuters, or Bloomberg — have published corroborating coverage, and no on-chain transaction hashes or official protocol statements have been publicly produced; the investigation page reflects low source confidence accordingly.
Connected Entities
1 entities · 10 linked investigationsTimeline(8 events)
2026-06-14
Alleged exploit begins at 03:42 UTC. Fraudulent cross-chain messages allegedly clear validator set on Ethereum mainnet, initiating unauthorized minting on Arbitrum.
$127M Stolen in DeFi Bridge Cross-Chain Hack — Nadcab Labs (Tier 3, unverified)2026-06-14
Automated monitoring allegedly flags abnormal mint events on Arbitrum at 03:54 UTC, 12 minutes after attack initiation. $43 million in stablecoins allegedly already liquidated through DEXes by this point.
$127M Stolen in DeFi Bridge Cross-Chain Hack — Nadcab Labs (Tier 3, unverified)2026-06-14
Five major market making platforms allegedly trigger emergency trading halts. Wintermute allegedly pauses all cross-chain strategies at 04:10 UTC.
$127M Stolen in DeFi Bridge Cross-Chain Hack — Nadcab Labs (Tier 3, unverified)2026-06-14
Attacker allegedly splits funds across 14 intermediary addresses and begins bridging portions to Polygon and Optimism. Primary wallet identified in source as 0x7f3a...9c2d (truncated, unverified).
$127M Stolen in DeFi Bridge Cross-Chain Hack — Nadcab Labs (Tier 3, unverified)2026-06-14
SEC and CFTC alleged to have opened emergency regulatory scrutiny of bridge operators. No official government filing has been independently located to corroborate this claim.
$127M Stolen in DeFi Bridge Cross-Chain Hack — Nadcab Labs (Tier 3, unverified)2026-06-16
Approximately $89 million alleged to remain liquid across chains. $38 million allegedly converted to privacy-preserving tokens (Tornado Cash equivalents and Monero). Blockchain forensics alleged to have traced only 18% of funds.
$127M Stolen in DeFi Bridge Cross-Chain Hack — Nadcab Labs (Tier 3, unverified)2026-06-17
Nadcab Labs publishes blog article describing the exploit. Article contains no transaction hashes, no official protocol statements, and no regulatory citations. This remains the sole identifiable source for the event.
$127M Stolen in DeFi Bridge Cross-Chain Hack — Nadcab Labs2026-06-21
AVOID.NET investigation conducted. No Tier 1 or Tier 2 independent corroboration found for BridgeLink, CrossFlow, or Relay Protocol as entities or for the $127M June 14 exploit. DefiLlama hacks database returns no matching entries.
AVOID.NET investigationmodel: claude-sonnet-4-6
generated: 6/21/2026, 12:05:18 PM
last updated: 6/21/2026, 12:05:18 PM
avoid.net — verified advice for a post-truth world