CoinsValue.net logo CoinsValue.net logo
Cryptopolitan 2026-06-17 20:01:17

Syscoin recovers 5 billion SYS tokens after bridge exploit, burns them permanently

Syscoin’s team has recovered and destroyed 5 billion SYS tokens that an attacker minted through a flaw in the project’s cross-chain bridge. Syscoin had to burn the minted tokens to restore its supply to its pre-exploit levels; however, its bridge remains offline. How did the exploit happen? The Syscoin team stated that they detected the attack on June 7. The attack targeted a gap between how two layers of Syscoin’s infrastructure interpreted the same transaction data. Syscoin runs a dual-chain architecture that consists of a Bitcoin-based UTXO chain and an Ethereum-compatible smart contract layer called NEVM. Both chains are connected by a bridge that verifies transaction proofs before moving tokens between them. The project confirmed in a technical postmortem published June 15 that the attacker crafted a transaction containing two asset commitments that both pointed at the same output. One commitment referenced native SYS, while the other referenced a custom test token the attacker had created. Syscoin Core and the NEVM relay each parsed the ambiguous payload differently. Core treated the transaction as involving the custom token. The relay read it as native SYS and instructed the vault contract to release 5 billion tokens. The attacker had tested the approach first with a smaller probe transaction using a different custom token, according to the postmortem. The main exploit followed with a second custom asset. How was the Syscoin team able to recover the exploited fund? After tracing the exploited funds across UTXO addresses, the Syscoin team contacted the attacker on-chain with a recovery address and a warning that exchange escalation and legal action would follow if the tokens were not returned. The attacker sent the full 5 billion SYS back, according to on-chain records linked in the postmortem. The team then destroyed the tokens. The burn transaction is publicly viewable on Syscoin’s block explorer. On June 10, Syscoin posted on X that it had told exchanges they could safely reopen SYS deposits and withdrawals. What is the market context? The 5 billion minted tokens exceeded Syscoin’s legitimate circulating supply of roughly 891 million SYS by over 5 times, according to CoinMarketCap data. Those minted tokens were worth around $9 million when the exploit happened. SYS has struggled through most of 2026. CoinMarketCap lists the token at approximately $0.0026 with a market capitalization of $2.3 million. The token has declined by over 48% over the past 30 days and by over 91% in the past year. DeFiLlama data shows that Syscoin’s total value locked (TVL) in DeFi protocols had dropped to effectively zero, with only 14 active addresses and 73 transactions recorded over a 24-hour period before the incident. What has the Syscoin team fixed? According to the Syscoin team, every bridge burn proof must map to exactly one asset identity, and both Core and the relay must agree on what that identity is. The relay now rejects any burn transaction where asset commitments are duplicated, ambiguous, or could resolve inconsistently across layers. Core-side updates are also in progress to reject duplicate asset assignments at the consensus level. The bridge is still paused , as the Syscoin team stated it is still pending final review. Native SYS deposits at exchanges have resumed, but cross-chain transfers through the bridge are closed until the team completes validation. PeckShieldAlert data showed 14 major bridge and cross-chain exploits had drained a combined $340.7 million as of June 1, 2026. Around $28.62 million was lost in bridge-related exploits in May alone, the largest category by dollar amount that month. If you're reading this, you’re already ahead. Stay there with our newsletter .

면책 조항 읽기 : 본 웹 사이트, 하이퍼 링크 사이트, 관련 응용 프로그램, 포럼, 블로그, 소셜 미디어 계정 및 기타 플랫폼 (이하 "사이트")에 제공된 모든 콘텐츠는 제 3 자 출처에서 구입 한 일반적인 정보 용입니다. 우리는 정확성과 업데이트 성을 포함하여 우리의 콘텐츠와 관련하여 어떠한 종류의 보증도하지 않습니다. 우리가 제공하는 컨텐츠의 어떤 부분도 금융 조언, 법률 자문 또는 기타 용도에 대한 귀하의 특정 신뢰를위한 다른 형태의 조언을 구성하지 않습니다. 당사 콘텐츠의 사용 또는 의존은 전적으로 귀하의 책임과 재량에 달려 있습니다. 당신은 그들에게 의존하기 전에 우리 자신의 연구를 수행하고, 검토하고, 분석하고, 검증해야합니다. 거래는 큰 손실로 이어질 수있는 매우 위험한 활동이므로 결정을 내리기 전에 재무 고문에게 문의하십시오. 본 사이트의 어떠한 콘텐츠도 모집 또는 제공을 목적으로하지 않습니다.