Alephium TokenBridge was hacked, resulting in a loss of $815k.

The attacker controlled 3 out of 4 Guardian keys, forged VAA within 7 minutes, and minted 13.76 million wrapped ALPH out of thin air, exceeding 100% of the circulating supply before the attack.
This is not just a technical "code vulnerability," but a collapse of trust at the governance level.
Multisignature was meant to disperse risk, but when 3 out of 4 keys can be controlled by the same entity, multisignature becomes a single point of failure.
The key management mechanism of Guardian keys, air-gapped storage, and periodic rotation—these fundamental issues are often overlooked in cross-chain bridge design.
What’s more concerning is that the attacker not only minted tokens but also unlocked USDT, USDC, WBTC, and WETH from the custody pool.
This means that the liquidity pools of the cross-chain bridge are not entirely independent but are deeply tied to governance permissions.
Once governance is compromised, all assets in the pool are exposed to risk.
Alephium is not an isolated case.
By 2025, cross-chain bridges like Wormhole and Nomad have exposed similar issues, but the industry still seems to have not truly learned its lesson.
As a critical infrastructure for asset flow across ecosystems, the security model of cross-chain bridges must shift from “trusting a few” to “verifiable code logic.”
For users, a simple criterion: if the upgrade or pause permissions of a cross-chain bridge are concentrated in a few addresses, its security is no better than that of a centralized exchange.
In the DeFi world, governance equals risk.
$usdt #usdc #w #wbtc #defi