Skip to main content
Security

Cross-Chain Bridge Drained via Third-Party Solver Infrastructure Compromise

The reliance on centralized, off-chain solver infrastructure introduced an unacceptable single point of failure, enabling a multi-chain liquidity drain.
November 12, 20253 min

A close-up view reveals a complex, futuristic mechanical device, predominantly silver and dark blue, with striking electric blue glowing lines and rings. The device features intricate geometric shapes, metallic textures, and visible connecting wires, suggesting advanced technological functionality
A reflective, metallic tunnel frames a desolate, grey landscape under a clear sky. In the center, a large, textured boulder with a central circular aperture is visible, with a smaller, textured sphere floating in the upper right

Briefing

A critical security incident on the Garden Finance cross-chain bridge resulted in the unauthorized siphoning of multi-chain liquidity, immediately compromising user assets across multiple ecosystems. The core consequence was a direct depletion of liquidity pools containing WBTC, USDC, and USDT, leading to an operational halt and a loss of confidence in the platform’s solvency model. This breach, which the team attributed to a third-party solver compromise, successfully drained over $10.8 million in digital assets.

A close-up reveals an intricate assembly of silver modular computing units and prominent blue mechanical components, interconnected by various rods and wires. The shallow depth of field highlights the central blue mechanism, emphasizing the precision engineering of this complex system

Context

The protocol’s architecture, which utilized off-chain “solvers” to facilitate cross-chain atomic swaps, inherently expanded the attack surface beyond the audited smart contracts. This hybrid CeDeFi model introduced an opaque dependency on external Web2 infrastructure, which was already under scrutiny for allegedly processing a significant volume of illicit funds from prior major exploits. The risk was compounded by the centralization of the solver function, creating a high-value target for a sophisticated attack.

The image displays a high-tech modular hardware component, featuring a central translucent blue unit flanked by two silver metallic modules. The blue core exhibits internal structures, suggesting complex data processing, while the silver modules have ribbed designs, possibly for heat dissipation or connectivity

Analysis

The attacker exploited a vulnerability within the third-party solver’s operational infrastructure, gaining unauthorized control over the mechanism responsible for executing cross-chain transactions. This compromise allowed the attacker to bypass the protocol’s access controls and trigger internal withdrawal operations, effectively impersonating the authorized entity. The attacker then executed a series of coordinated, multi-chain transactions to drain liquidity pools on Arbitrum, Ethereum, and Solana, consolidating the stolen WBTC, USDC, and USDT. Forensic analysis confirms the attacker laundered $6.65 million of the stolen assets via Tornado Cash.

A spherical object showcases white, granular elements resembling distributed ledger entries, partially revealing a vibrant blue, granular core. A central metallic component with concentric rings acts as a focal point on the right side, suggesting a sophisticated mechanism

Parameters

  • Total Funds Drained ∞ $10.8 Million (The total amount of digital assets siphoned from multi-chain liquidity pools.)
  • Chains Affected ∞ Arbitrum, Ethereum, Solana (The primary blockchain networks where liquidity was compromised.)
  • Funds Laundered ∞ $6.65 Million (The value of stolen assets transferred to the Tornado Cash privacy mixer.)
  • Attack Vector Type ∞ Third-Party Solver Compromise (The root cause, focusing on the external component failure.)

This close-up view reveals a high-tech modular device, showcasing a combination of brushed metallic surfaces and translucent blue elements that expose intricate internal mechanisms. A blue cable connects to a port on the upper left, while a prominent cylindrical component with a glowing blue core dominates the center, suggesting advanced functionality

Outlook

Immediate mitigation requires all protocols relying on similar off-chain, centralized components to conduct an emergency audit of their third-party solver security and key management procedures. The incident establishes a clear contagion risk for other cross-chain bridges utilizing opaque, non-EVM solver architectures, demanding a shift toward fully on-chain verification mechanisms. New security best practices will likely mandate the isolation of liquidity management from external Web2 infrastructure to prevent single points of failure.

Two futuristic, white cylindrical components are depicted in close proximity, appearing to connect or exchange data. The right component's intricate core emits numerous fine, glowing strands surrounded by small, luminous particles, suggesting active data transmission between the modules

Verdict

This multi-chain compromise confirms that the systemic risk of hybrid DeFi protocols is directly proportional to the weakest link in their centralized, off-chain operational dependencies.

Cross chain protocol, Decentralized finance, Liquidity pool drain, Multi chain exploit, Third party risk, Off chain component, Solver compromise, Bridge vulnerability, Asset laundering, Tornado Cash, On chain forensics, Smart contract risk, Web2 infrastructure, Security breach, Illicit funds flow, White hat bounty, Atomic swap failure, Protocol security, Fund recovery Signal Acquired from ∞ ambcrypto.com

Micro Crypto News Feeds

multi-chain liquidity

Definition ∞ Multi-chain liquidity refers to the availability of assets and trading pairs across various independent blockchain networks.

infrastructure

Definition ∞ Infrastructure refers to the fundamental technological architecture and systems that support the operation and growth of blockchain networks and digital asset services.

liquidity pools

Definition ∞ Liquidity pools are pools of digital assets locked in smart contracts, used to facilitate decentralized trading.

digital assets

Definition ∞ Digital assets are any form of property that exists in a digital or electronic format and is capable of being owned and transferred.

liquidity

Definition ∞ Liquidity refers to the degree to which an asset can be quickly converted into cash or another asset without significantly affecting its market price.

tornado cash

Definition ∞ Tornado Cash is a decentralized cryptocurrency mixing service designed to enhance user privacy by obscuring the transaction history of digital assets.

solver compromise

Definition ∞ Solver compromise refers to a security breach or malicious manipulation of a "solver" entity within a decentralized protocol, particularly in systems that rely on solvers for efficient transaction ordering or execution.

cross-chain

Definition ∞ Cross-chain refers to the ability of different blockchain networks to communicate and interact with each other.

multi-chain

Definition ∞ A multi-chain system refers to an architecture that supports multiple independent blockchain networks.

Tags:

Tags: