Skip to main content
Sign in
TAC Protocol Bridge1 decision on this page

Audit log

Every state-changing event for TAC Protocol Bridge: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-28 03:28:14Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,638,384
    sig
    612ZM31LPC5Q…Sh52WYmRexplorer ↗
    hash
    GF2f7nRX3gJN…ZrWMXPA8sha256 → base58
    verifying row…full verify ↗
    canonical bytes (12285 B) ▸
    {"actor":"system:backfill","investigation_id":"4bd7b8fb-8444-4e3e-98d1-702adadd3e86","kind":"publish","page_slug":"tac-protocol-bridge","published_at":"2026-05-28T03:28:14.209Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"TAC Protocol Bridge","sections":[{"content":"On May 12, 2026, the TON-to-Ethereum bridge operated by TAC Protocol was drained of approximately $2.86 million, representing the protocol's entire TVL at the time. The affected assets were USDT, BLUM (a Telegram-native token), and tsTON (tokenized TON). The TAC token itself, native TON, and ERC-20 assets on the Ethereum side were reported as unaffected. TAC disclosed the vulnerability on approximately May 11, with the attack executing on May 12. By May 14, the incident was reclassified as a white-hat event after the attacker accepted a 10% bounty — reported as approximately 13 ETH plus 300 ZEC — and returned the remaining ~90% of funds to TAC's designated multisig wallet on Ethereum and a corresponding address on TON. TAC stated it would not pursue litigation against the attacker following the return of funds. The bridge was suspended pending an independent security audit conducted in collaboration with TON network partners.","heading":"Security Incident: Bridge Exploit (May 2026)","severity":"critical","sources":[{"credibility":2,"name":"TAC labels $2.8M bridge exploit a white hat incident as hacker claims 10% bounty","type":"news_article","url":"https://www.mexc.com/news/1093414"},{"credibility":2,"name":"TAC's $2.8M bridge hack reclassified as white-hat after attacker accepts 10% bounty","type":"news_article","url":"https://bingx.com/en/flash-news/post/tac-tonethereum-bridge-drained-for-m-on-may-as-hacker-accepts-percent-white-hat-bounty"},{"credibility":2,"name":"TAC Discloses TON-TAC Bridge Vulnerability, Recovers 90% of Stolen Assets","type":"news_article","url":"https://www.kucoin.com/news/flash/tac-discloses-ton-tac-bridge-vulnerability-recovers-90-of-stolen-assets"}]},{"content":"The root cause of the May 2026 exploit was a lack of input validation in the bridge's sequencer software. Specifically, the sequencer accepted a counterfeit Jetton wallet on the TON network that lacked proper code-hash and minter checks. This allowed the attacker to forge Jetton wallets and trick the bridge into processing illegitimate asset transfers. The vulnerability was isolated to native TON Jettons bridged from the TON side; Ethereum-side ERC-20 assets and the TAC native token were not at risk. The vulnerability class — missing validation in cross-chain sequencer or relayer software — is a recognized attack vector in the broader cross-chain bridge security literature. TAC stated the patched software would undergo independent audit before bridge operations resumed.","heading":"Technical Vulnerability","severity":"critical","sources":[{"credibility":2,"name":"TAC Discloses TON-TAC Bridge Vulnerability, Recovers 90% of Stolen Assets","type":"news_article","url":"https://www.kucoin.com/news/flash/tac-discloses-ton-tac-bridge-vulnerability-recovers-90-of-stolen-assets"},{"credibility":2,"name":"TAC Bridge Attack Costs $2.8M as Compensation Plan Emerges","type":"news_article","url":"https://coincu.com/tac-cross-chain-bridge-attack-2-8m-user-compensation/"}]},{"content":"TAC Protocol publicly committed to making affected users whole following the exploit. The stated recovery mechanism is a legally structured sale of TAC Foundation treasury token reserves, with proceeds directed to repaying bridge liquidity and compensating affected users. As of late May 2026, critical execution details — including timeline, token quantity to be sold, sale format, and the exact compensation percentage for affected users — had not been publicly disclosed. The success of the compensation plan is contingent on prevailing market conditions for the TAC token at the time of any sale and the size of Foundation reserves. Affected users were directed to monitor TAC's official channels for updates.","heading":"User Compensation and Recovery Plan","severity":"high","sources":[{"credibility":2,"name":"TAC labels $2.8M bridge exploit a white hat incident as hacker claims 10% bounty","type":"news_article","url":"https://www.mexc.com/news/1093414"},{"credibility":2,"name":"TAC Bridge Attack Costs $2.8M as Compensation Plan Emerges","type":"news_article","url":"https://coincu.com/tac-cross-chain-bridge-attack-2-8m-user-compensation/"}]},{"content":"Following the May 12, 2026 exploit disclosure, the TAC token declined by more than 21% over the subsequent week, with market capitalization falling from approximately $91 million before the disclosure to approximately $79 million by mid-May 2026. As of late May 2026, TAC was trading near $0.020–0.022 USD with a market capitalization of approximately $82–100 million depending on the data source. The token's all-time high was reported at approximately $0.028, placing the post-exploit price roughly 25–32% below the peak. The $2.8 million exploit represented TAC's total TVL at the time, indicating the protocol had relatively limited liquidity depth at the point of attack.","heading":"Market Impact","severity":"medium","sources":[{"credibility":2,"name":"TAC Protocol price today — CoinMarketCap","type":"other","url":"https://coinmarketcap.com/currencies/tac-protocol/"},{"credibility":2,"name":"TAC's $2.8M bridge hack reclassified as white-hat after attacker accepts 10% bounty","type":"news_article","url":"https://bingx.com/en/flash-news/post/tac-tonethereum-bridge-drained-for-m-on-may-as-hacker-accepts-percent-white-hat-bounty"}]},{"content":"TAC Protocol is an EVM-compatible Layer-1 blockchain built on the Cosmos SDK, designed to connect Ethereum's DeFi ecosystem with the TON blockchain and Telegram's approximately one billion users. Co-founders include Pavel Altukhov and Marco Monaco. TAC is not an official Telegram or TON Foundation project; it operates independently within the TON ecosystem. The protocol raised $11.5 million in seed and strategic funding rounds led by Hack VC. TAC launched its public mainnet on or around July 15, 2025, with major DeFi protocols including Curve, Morpho, and Euler deployed at launch. Prior to launch, TAC ran an '$800 million Summoning Campaign' on Turtle Club to bootstrap liquidity. The bridge between TON and the TAC EVM chain is the central security-critical component of the architecture and was the vector exploited in the May 2026 incident.","heading":"Protocol Background and Architecture","severity":"low","sources":[{"credibility":2,"name":"TAC launches public mainnet to bring DeFi protocols like Curve and Morpho onto TON and Telegram","type":"news_article","url":"https://www.theblock.co/post/362681/tac-launches-public-mainnet-to-bring-defi-protocols-like-curve-and-morpho-onto-ton-and-telegram"},{"credibility":2,"name":"TAC mainnet launch aims to bridge Ethereum DeFi to TON — Blockworks","type":"news_article","url":"https://blockworks.co/news/tac-mainnet-launch-ethereum-ton"}]},{"content":"The TAC exploit occurred during a period of elevated cross-chain bridge attacks. PeckShield reported that bridge exploits collectively reached $328.6 million across eight major incidents in May 2026 alone. The TAC incident, at $2.86 million, was among the smaller events in this wave but was notable because it represented the entirety of the protocol's TVL. The incident underscores a recognized systemic risk in cross-chain bridge design: sequencer or relayer validation failures can be exploited to drain custodied assets without requiring a smart contract vulnerability on either connected chain.","heading":"Broader Context: Bridge Exploit Wave, May 2026","severity":"medium","sources":[{"credibility":2,"name":"Crypto Bridge Exploits Hit $328.6M in May as Peckshield Tracks 8 Major Incidents","type":"news_article","url":"https://news.bitcoin.com/crypto-bridge-exploits-328-million-may-2026-peckshield/"}]}],"sources_used":[{"credibility":2,"name":"TAC labels $2.8M bridge exploit a white hat incident as hacker claims 10% bounty","type":"news_article","url":"https://www.mexc.com/news/1093414"},{"credibility":2,"name":"TAC's $2.8M bridge hack reclassified as white-hat after attacker accepts 10% bounty","type":"news_article","url":"https://bingx.com/en/flash-news/post/tac-tonethereum-bridge-drained-for-m-on-may-as-hacker-accepts-percent-white-hat-bounty"},{"credibility":2,"name":"TAC Protocol Bridge Hack: $2.8M Drained on TON-ETH Link","type":"news_article","url":"https://memeburn.com/hackers-drain-2-8m-from-tac-protocol-bridge-tons-defi-gateway-under-fire/"},{"credibility":2,"name":"TAC Discloses TON-TAC Bridge Vulnerability, Recovers 90% of Stolen Assets","type":"news_article","url":"https://www.kucoin.com/news/flash/tac-discloses-ton-tac-bridge-vulnerability-recovers-90-of-stolen-assets"},{"credibility":2,"name":"TAC Bridge Attack Costs $2.8M as Compensation Plan Emerges","type":"news_article","url":"https://coincu.com/tac-cross-chain-bridge-attack-2-8m-user-compensation/"},{"credibility":2,"name":"Crypto Bridge Exploits Hit $328.6M in May as Peckshield Tracks 8 Major Incidents","type":"news_article","url":"https://news.bitcoin.com/crypto-bridge-exploits-328-million-may-2026-peckshield/"},{"credibility":2,"name":"TAC launches public mainnet to bring DeFi protocols like Curve and Morpho onto TON and Telegram","type":"news_article","url":"https://www.theblock.co/post/362681/tac-launches-public-mainnet-to-bring-defi-protocols-like-curve-and-morpho-onto-ton-and-telegram"},{"credibility":2,"name":"TAC mainnet launch aims to bridge Ethereum DeFi to TON — Blockworks","type":"news_article","url":"https://blockworks.co/news/tac-mainnet-launch-ethereum-ton"},{"credibility":2,"name":"TAC Protocol price today — CoinMarketCap","type":"other","url":"https://coinmarketcap.com/currencies/tac-protocol/"}],"summary":"TAC Protocol is an EVM-compatible Layer-1 blockchain built on Cosmos SDK that bridges Ethereum DeFi applications to the TON blockchain and Telegram ecosystem. On May 12, 2026, its cross-chain bridge was exploited for approximately $2.86 million — the protocol's entire TVL at the time — due to missing validation in sequencer software that allowed attackers to forge Jetton wallets. The attacker subsequently accepted a 10% white-hat bounty, returning roughly 90% of stolen funds to TAC's multisig; the bridge remains paused pending an independent security audit as of late May 2026.","timeline":[{"date":"2025-06-18","event":"TAC raised $11.5 million in seed and strategic funding rounds led by Hack VC.","source":"Blockworks","source_url":"https://blockworks.co/news/tac-mainnet-launch-ethereum-ton"},{"date":"2025-07-15","event":"TAC Protocol launched its public mainnet with DeFi protocols including Curve, Morpho, and Euler deployed.","source":"The Block","source_url":"https://www.theblock.co/post/362681/tac-launches-public-mainnet-to-bring-defi-protocols-like-curve-and-morpho-onto-ton-and-telegram"},{"date":"2026-05-11","event":"TAC Protocol disclosed the existence of a security vulnerability in the TON-TAC bridge sequencer software.","source":"KuCoin News","source_url":"https://www.kucoin.com/news/flash/tac-discloses-ton-tac-bridge-vulnerability-recovers-90-of-stolen-assets"},{"date":"2026-05-12","event":"Attacker exploited missing Jetton wallet validation in the bridge sequencer, draining approximately $2.86 million in USDT, BLUM, and tsTON — TAC's entire TVL. TAC bridge paused.","source":"MEXC News","source_url":"https://www.mexc.com/news/1093414"},{"date":"2026-05-14","event":"TAC recovered approximately 90% of stolen funds to its multisig wallet after the attacker accepted a 10% white-hat bounty (reported as ~13 ETH + 300 ZEC). TAC reclassified the incident as white-hat and announced it would not pursue litigation.","source":"KuCoin News","source_url":"https://www.kucoin.com/news/flash/tac-discloses-ton-tac-bridge-vulnerability-recovers-90-of-stolen-assets"},{"date":"2026-05-14","event":"TAC announced a compensation plan based on a legally structured sale of Foundation TAC token treasury reserves to make affected users whole. Specific timeline and sale details were not disclosed.","source":"MEXC News","source_url":"https://www.mexc.com/news/1093414"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 4cd7d511-d7f8-4543-a403-771bb925f902
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.