The Alephium Bridge Exploit: On-Chain Report

Every transaction executed during the May 30th Alephium Bridge attack is publicly verifiable on-chain. We wish to share these findings with you, as we believe greater transparency will lead to more people watching and tracking wallets, improving our odds of catching the attacker. All addresses have already been reported to the relevant authorities

This post consolidates the full sequence in one place, for the community, for researchers, and for the record. 

Please note: this is not a postmortem. That will be shared as soon as possible, and will be a much more detailed account of the attack, its impact, and our response.

Acquiring ALPH and Deploying the Fake Contract

To execute the exploit, the attacker needed native ALPH on Alephium to deploy a contract whose only purpose was to emit a forged Wormhole message. The process to obtain it began on Ethereum in the early hours of 30 May, well before the drain.

1. At 02:36:23 UTC, the attacker bought 485.19 wALPH on Ethereum via the Uniswap Universal Router, spending 0.01 ETH. 

2. They immediately approved the wALPH allowance for the TokenBridge contract, then bridged the full amount to Alephium via transferTokens, burning the wALPH on Ethereum and designating Alephium as the destination chain.

3. On Alephium, the bridge minted 485.19 ALPH to the attacker's receiving address. 

4. That ALPH was then forwarded to the contract deployer wallet across three separate transactions: 

   • 5 ALPH at 03:52:06 UTC
   • 150 ALPH at 06:23:13 UTC
   • 130 ALPH at 06:24:19 UTC.

At 06:30:47 UTC, almost three hours before the main drain, the deployer wallet funded and deployed the fake-event contract with 0.1 ALPH. The contract contains a single function whose only purpose is to execute LOG7 and emit fake VAA. The VAA payloads are provided by the transaction script. It is this mechanism that fed false data to the bridge's legitimate guardians, who signed the resulting VAAs without knowing the underlying event was fabricated. Those VAAs were then redeemed on Ethereum and BSC to drain real collateral and mint unbacked wALPH.

The Drain: 64 Seconds

Between 07:00 and 09:00 UTC, the attacker disrupted bridge node connectivity, forcing the backend onto its fallback validation path. 

At 09:16:59 UTC, the drain began.

Ethereum: Five transactions in 60 seconds:

• 200,967.31 USDT - 09:16:59
• 0.33531483 WBTC - 09:17:23
• 17,594.63 USDC - 09:17:35
• 5.18192421 WETH - 09:17:47
• 13,757,076.37 wALPH minted - 09:17:59

BSC: Just three seconds later:

• 36,750.106 USDT - 09:18:02
• 24.38620961 WBNB - 09:18:03

Liquidation: Ethereum

The stablecoins and WBTC were immediately converted to WETH via Uniswap X:

• 200,967.31 USDT → 99.685 WETH
• 0.33531483 WBTC → 12.209 WETH
• 17,594.63 USDC → 8.741 WETH

400,000 wALPH was dumped into the wALPH/ETH Uniswap V3 pool across four transactions: 1, 2, 3, 4. 

A further 1,000,000 wALPH was sent to a parking address, which received gas funding, approved Permit2, and sold 100,000 wALPH, leaving 900,000 wALPH parked.

Liquidation: BSC

The drained USDT was swapped to 54.676 WBNB via PancakeSwap, approved, then unwrapped to BNB. 

The combined 79.12517 BNB was bridged to Ethereum via deBridge, arriving 13 seconds later as 26.287 ETH.

Consolidation and Tornado Cash

ETH flows were consolidated into a single address across four transactions: 20 ETH, 36 ETH, 30 ETH, 40.88 ETH. 26 ETH was returned to the attacker: 1 ETH, 15 ETH, 10 ETH. 50 ETH was deposited into Tornado Cash in five transactions: 1, 2, 3, 4, 5.

wALPH Burn Update

On 2 June 2026, the bridge guardians, with support from security partners, executed an authorised recovery procedure to invalidate the unbacked wrapped ALPH held in the attacker's wallets. 

The governance action invoked the TokenBridge upgrade function (upgrade(bytes encodedVM), method ID 0x25394645), burning the unbacked wALPH supply in a single on-chain transaction at block 25,230,400 (14:49:35 UTC).

This action applied exclusively to unbacked wrapped ALPH created through the exploit and held in the attacker’s wallet. It did not affect native ALPH, legitimately backed wrapped ALPH held by users, or addresses that unknowingly acquired unbacked wALPH through secondary trading activity. The Alephium L1 consensus rules were unaffected at all times.

Burn Summary

Main attacker wallet

0x6681ebC8…921d

12,357,077.37295

~$428,600

-

Parking EOA

0x0baD8f95…509c

900,000.00000

~$31,200

-

Total

13,257,077.37295

~$459,800

Of the 13,757,077.37 wALPH minted through forged VAAs, 13,257,077.37 (96.4%) has been burned on-chain. The remaining 500,000 wALPH exited the response window before the bridge was paused and was sold into Uniswap liquidity pools. Recovery options for the escaped portion remain under active review.

Fund Locations as of June 2nd, 2026

Address and Holdings

Attacker 0x6681…921d -3.7321 ETH · 12,357,077 wALPH (burned)

Consolidation 0xb80a…bfd4 - 100.88 ETH — no CEX deposits detected

Parking 0x0bad…509c - 900,000 wALPH (burned) · 0.3964 ETH

Tornado Cash - 50 ETH mixed

Attacker addresses

Role and Address

Attacker (ETH + BSC) 0x6681ebC82551fE52fDB48E65872e85a3ae06921d

Attacker Consolidation EOA 0xb80a7d612480d121696be6dfe062f5e6d984bfd4

Attacker wALPH parking EOA 0x0baD8f95a996DeADe828d21DAd765b60c2b2509c

Attacker fake-event contract (log7) 24ZjqcvV8vVCn29zd1TThqAtaS8pMvJ4Co1MK5zncPcAB

Attacker bridge receiving wallet 3cUr7y3DuEkkYJj6G7tehG8R21XTMEGXWcUcsu7BxsaR2vKh5twVm

Attacker:  log7 contract deployer wallet 14etamDofb3XmupQyuFQN6c1szQYAduqxjzPq4YjwnPPv

Other key addresses

Role and Address

ETH TokenBridge (drained) 0x579a3bDE631c3d8068CbFE3dc45B0F14EC18dD43

BSC TokenBridge (drained) 0x2971F580C34d3D584e0342741c6a622f69424dD8

wALPH / ALPH token (ETH) 0x590f820444fa3638e022776752c5eef34e2f89a6

Tornado.Cash Router 0xd90e2f925DA726b50C4Ed8D0Fb90Ad053324F31b

Uniswap Universal Router 0x4C82D1fBFe28C977cBB58D8C7FF8FCF9F70a2cCA

ALPH/USDT Uniswap V3 pool (buy route) 0xa344855388c9f2760e998eb2207b58de6e7d0360

Uniswap X: Rizzolver router 0x225a38bc71102999Dd13478BFaBD7c4d53f2DC17

Uniswap X: settler 0x51C72848c68a965f66FA7a88855F9f7784502a7F

UniswapX V2DutchOrderReactor (inferred) 0x00000011F84B9aa48e5f8aA8B9897600006289Be

wALPH/ETH Uniswap V3 pool 0x9628105808292699874f20d77d50a09bc26850c5

Uniswap V4 Pool Manager 0x000000000004444c5dc75cB358380D2e3dE08A90

Uniswap Permit2 0x000000000022D473030F116dDEE9F6B43aC78BA3

deBridge DlnDestination (ETH delivery) 0xE7351Fd770A37282b91D153Ee690B63579D6dd7f

deBridge Crosschain Forwarder Proxy (BSC) 0x663DC15D3C1aC63ff12E45Ab68FeA3F0a883C251

Alephium — bridge (token custody) contract 226T1XspViny5o6Ce1jQR6UCGrDXuq5NBVoCFNufMEWBZ

What This On-Chain Data Means

The bulk of the stolen funds have not moved. 

• 100.88 ETH remains parked in the consolidation address with no CEX deposits detected.
• The headline "$815K" counts the full notional wALPH mint at pre-crash prices. The more accurate framing is ~$305K of backed collateral stolen and 13.76M unbacked wALPH minted (of which only ~500K wALPH was realized, while the remaining 13.26M has been burned)

To realize the value of the ETH, the attacker will need to move it. Every address in this report is public, permanent, and now in front of a significantly larger audience. More eyes on these wallets means less room for error.

If you observe any movement on the addresses listed here, report it immediately in the Alephium Telegram or Discord channels. The investigation is active, and we are coordinating with law enforcement and blockchain security teams.

We will share a fuller postmortem covering the exploit, the guardian process, the scope of affected assets, and the remaining recovery steps.

Further updates will follow.