Verify a decision

{"actor":"system:backfill","investigation_id":"e98dcb71-6fb2-41c3-9678-2430b35a4af0","kind":"publish","page_slug":"hyperbridge","published_at":"2026-05-26T19:24:50.010Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Hyperbridge","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.hyperbridge.network/april-13-post-mortem/","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2026/04/13/attacker-mints-usd1-billion-polkadot-tokens-on-ethereum-ends-up-stealing-just-usd250-000","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/hacker-steals-237k-1b-bridged-dot-hyperbridge","type":"other","url":""},{"credibility":3,"name":"https://www.cryptotimes.io/2026/04/16/hyperbridge-raises-exploit-loss-estimate-to-2-5m-from-237k/","type":"other","url":""},{"credibility":3,"name":"https://www.theblock.co/post/397773/polkadot-hyperbridge-exploit-losses-2-5-million-ten-times-initial-estimate","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/hyperbridge-exploit-losses-revised-25m/","type":"other","url":""},{"credibility":3,"name":"https://ambcrypto.com/hyperbridge-revises-exploit-losses-to-2-5m-traces-funds-to-binance/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://protos.com/hyperbridge-exploited-less-than-two-weeks-after-april-fools-day-hack-prank/","type":"other","url":""},{"credibility":3,"name":"https://www.web3isgoinggreat.com/?id=hyperbridge-exploit","type":"other","url":""},{"credibility":3,"name":"https://cryptoslate.com/polkadot-hyperbridge-april-fools-joke-comes-true-as-over-1-billion-fake-dot-tokens-were-minted-on-ethereum/","type":"other","url":""},{"credibility":3,"name":"https://ambcrypto.com/hyperbridge-exploit-lets-attacker-mint-1b-bridged-dot-raising-questions-after-safest-bridge-claims/","type":"other","url":""},{"credibility":3,"name":"https://blog.hyperbridge.network/explained-hack-april-fool/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://protos.com/hyperbridge-exploited-less-than-two-weeks-after-april-fools-day-hack-prank/","type":"other","url":""},{"credibility":3,"name":"https://crypto.news/hyperbridge-launches-50k-bug-bounty-after-bridge-exploit/","type":"other","url":""},{"credibility":3,"name":"https://www.cryptotimes.io/2026/05/15/hyperbridge-offers-50000-for-critical-vulnerabilities/","type":"other","url":""},{"credibility":3,"name":"https://www.autheo.com/blog/bridge-security-lessons-hyperbridge-exploit-2026","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.hyperbridge.network/recovery-and-next-steps/","type":"other","url":""},{"credibility":3,"name":"https://phemex.com/news/article/hyperbridge-revises-hack-losses-to-25-million-plans-compensation-73722","type":"other","url":""},{"credibility":3,"name":"https://forum.polkadot.network/t/pre-proposal-discussion-dot-recovery-loan-to-hyperbridge-token-gateway-exploit-victims/17552","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/hyperbridge-exploit-losses-revised-25m/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://techpoint.africa/feature/how-hyperbridge-works-seun-lanlege/","type":"other","url":""},{"credibility":3,"name":"https://techcabal.com/2025/04/17/polytope-labs-raises-over-5-million-to-scale-hyperbridge-backed-by-the-polkadot-ecosystem-fund/","type":"other","url":""},{"credibility":3,"name":"https://polkadot.com/newsroom/press-releases/hyperbridge-launches-on-Polkadot/","type":"other","url":""},{"credibility":3,"name":"https://en.wikipedia.org/wiki/Hyperbridge","type":"other","url":""},{"credibility":3,"name":"https://bitcoinke.io/2025/11/a-look-at-hyperbridge/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://protos.com/hyperbridge-exploited-less-than-two-weeks-after-april-fools-day-hack-prank/","type":"other","url":""},{"credibility":3,"name":"https://www.tronweekly.com/hyperbridge-suffers-237000-breach-as-token-gate/","type":"other","url":""},{"credibility":3,"name":"https://ambcrypto.com/hyperbridge-revises-exploit-losses-to-2-5m-traces-funds-to-binance/","type":"other","url":""}]}],"sources_used":[],"summary":"Hyperbridge is a cross-chain interoperability protocol built by Polytope Labs (founded by Nigerian engineers Seun Lanlege and David Salami) that uses cryptographic proofs to facilitate asset and message transfers across blockchains. On April 13, 2026, an attacker exploited a Merkle Mountain Range (MMR) proof verification vulnerability in the Token Gateway contract, minting 1 billion fraudulent bridged DOT tokens and extracting losses initially reported at $237,000 but later revised to approximately $2.5 million across Ethereum, Base, BNB Chain, and Arbitrum. The exploit occurred less than two weeks after the project publicly mocked the possibility of being hacked in an April Fools joke, and followed alleged dismissals of security researchers who had flagged vulnerabilities beforehand.","timeline":[{"date":"2023-11-01","event":"Polytope Labs publicly launches Hyperbridge cross-chain bridge.","source":""},{"date":"2024-01-01","event":"Hyperbridge launches on Polkadot mainnet.","source":""},{"date":"2025-04-17","event":"Polytope Labs announces over $5 million in funding backed by the Polkadot Ecosystem Fund, Web3 Foundation, and Scytale Digital.","source":""},{"date":"2025-09-30","event":"Hyperbridge expands to Polygon mainnet; team markets protocol as 'the world's safest bridge' in official materials.","source":""},{"date":"2026-02-01","event":"Alleged: a bug bounty researcher reports critical vulnerabilities and is reportedly told 'exploit them if you found them' by the team.","source":""},{"date":"2026-04-01","event":"Hyperbridge posts April Fools' joke on X claiming the Lazarus Group drained $37 million; linked blog post contains Rickroll GIF and article titled 'Why Hyperbridge Can't Be Hacked.'","source":""},{"date":"2026-04-02","event":"A known exploiter address begins probing Hyperbridge; a developer dismisses attempts with 'hope you have a quantum computer bro.'","source":""},{"date":"2026-04-13","event":"Exploit occurs: attacker forges an MMR proof to seize admin control of the bridged DOT contract on Ethereum and mints 1 billion fake DOT tokens, extracting approximately 108.2 ETH (~$237,000) and an estimated 245 ETH from the TokenGateway contract, with funds deposited into Tornado Cash.","source":""},{"date":"2026-04-13","event":"Hyperbridge pauses Token Gateway operations; patch deployed within 72 hours; April Fools posts deleted.","source":""},{"date":"2026-04-16","event":"Hyperbridge revises total exploit losses to approximately $2.5 million — ten times the initial estimate — after reconciling activity across Ethereum, Base, BNB Chain, and Arbitrum.","source":""},{"date":"2026-04-16","event":"Stolen funds traced in part to Binance; Hyperbridge states it is cooperating with Binance compliance and law enforcement.","source":""},{"date":"2026-04-25","event":"Polkadot Forum pre-proposal discussion published proposing a DOT recovery loan from the Polkadot Treasury for liquidity providers affected by the exploit.","source":""},{"date":"2026-05-15","event":"Hyperbridge launches $50,000 bug bounty on HackenProof for critical vulnerabilities, following post-exploit SRLabs audit that found 14 vulnerabilities (1 critical, 3 high, 5 medium, 4 low, 1 informational), all reportedly remediated.","source":""}]},"v":1}