Mon, 13 Apethereum

Polkadot Hyperbridge April Fools' joke comes true: over 1 billion fake DOT tokens minted on Ethereum

Burns Brief

Hyperbridge, the decentralized bridge connecting the Polkadot ecosystem to the Ethereum network, has suffered a major security vulnerability that let an attacker mint 1 billion unauthorized DOT tokens. The news has unsettled market participants: bears are hoping to push the price lower, while bulls are trying to defend key support levels. Watch how $ETH and $DOT react; a decisive move above or below the key levels will confirm the next trend.

Hyperbridge, a decentralized bridge connecting the Polkadot ecosystem to the Ethereum network, suffered a major security breach that allowed an attacker to mint 1 billion unauthorized DOT tokens. However, the hacker’s potential multimillion-dollar payday was drastically cut short to around $240,000, as there simply was not enough liquidity to cash out the fabricated assets. While the direct financial losses from the exploit were relatively contained, the incident has sent shockwaves through the Polkadot ecosystem, driving the network's native DOT token toward its all-time low amid broader market anxieties about cross-chain security.

Anatomy of the Hyperbridge exploit

Security experts explained that the vulnerability resided in how Hyperbridge’s contracts validated incoming cross-chain messages before passing them along to the token gateway. Blockchain security firm BlockSec Phalcon identified the root cause as a “Merkle Mountain Range (MMR) proof replay vulnerability”: a cryptographic blind spot that allowed the attacker to recycle old, valid proofs and attach them to newly crafted malicious requests.

At the core of the breach was missing input validation in the system's `VerifyProof()` function. In standard cross-chain operations, a bridge must verify that a request originating on one blockchain is authentic before executing the corresponding action, such as minting tokens, on another. In this instance, the Hyperbridge contract failed to bind the submitted request payload to the validated proof. The system merely checked that a request hash had not been used before, without verifying that the proof actually matched the message it was supposed to authenticate. By ma
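As an added illustration (not Hyperbridge's or BlockSec's code; a plain Merkle tree stands in for the MMR, and every request, leaf and root value is constructed), here is the unbound check described above beside the binding check that closes the replay:

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def fold_proof(leaf: bytes, path: list) -> bytes:
    """Recompute a Merkle root from a leaf and its authentication path.
    Each path step is (sibling_hash, sibling_is_left). A plain Merkle tree
    stands in for Hyperbridge's MMR here; the binding problem is the same."""
    node = leaf
    for sibling, sibling_is_left in path:
        node = h(sibling + node) if sibling_is_left else h(node + sibling)
    return node

# Constructed sample: a committed batch of two legitimate cross-chain requests.
LEGIT_REQUESTS = [b"mint 100 DOT to alice", b"mint 5 DOT to bob"]
LEAVES = [h(r) for r in LEGIT_REQUESTS]
TRUSTED_ROOT = h(LEAVES[0] + LEAVES[1])      # the root the bridge already trusts
PROOF_FOR_ALICE = {"leaf": LEAVES[0], "path": [(LEAVES[1], False)]}

def verify_vulnerable(request: bytes, proof: dict, used: set) -> bool:
    """Models the flaw in the article: the request hash is only checked for
    reuse and the proof only against the root; nothing ties proof['leaf']
    to the request that is about to be executed."""
    req_hash = h(request)
    if req_hash in used:
        return False
    if fold_proof(proof["leaf"], proof["path"]) != TRUSTED_ROOT:
        return False
    used.add(req_hash)
    return True

def verify_fixed(request: bytes, proof: dict, used: set) -> bool:
    """Hardened: the leaf the proof authenticates must equal the hash of the
    submitted payload, so a proof can only authorise the request it commits to."""
    req_hash = h(request)
    if req_hash in used or proof["leaf"] != req_hash:
        return False
    if fold_proof(req_hash, proof["path"]) != TRUSTED_ROOT:
        return False
    used.add(req_hash)
    return True

def replay_demo() -> tuple:
    """(vulnerable_accepts, fixed_accepts) for a forged request paired with
    Alice's old but still valid proof; fresh nonce sets keep the runs separate."""
    forged = b"mint 1000000000 DOT to attacker"
    return (verify_vulnerable(forged, PROOF_FOR_ALICE, set()),
            verify_fixed(forged, PROOF_FOR_ALICE, set()))
```

The replay-tracking set alone cannot stop the forgery, because the forged payload has a fresh hash; only the equality between the proof's leaf and the payload hash does.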

Key Takeaways