吴说区块链
吴说区块链|Feb 01, 2026 21:42
Cross-chain liquidity protocol CrossCurve (formerly EYWA) has confirmed that its cross-chain bridge was attacked due to a smart contract vulnerability. The attack stemmed from a lack of gateway verification, allowing the attacker to forge cross-chain messages and bypass validation, triggering unauthorized token unlocks in the PortalV2 contract. Approximately $3 million in funds were transferred across multiple chains as a result. Security analysis indicates the vulnerability lies in the ReceiverAxelar contract, where the expressExecute function can be directly called to inject forged messages and complete the attack. (The Block) https://www.(wublock123.com)/index.php?m=content&c=index&a=show&catid=6&id=56007
+6
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads