Bridge Incident Registry
Incident case

BSC Token Hub 2022 forged-proof exploit

In October 2022, an attacker exploited BSC Token Hub by forging a bridge proof, creating and taking two million BNB. The nominal value was nearly $570 million, while BNB Chain later stated that about $100 million remained unrecovered after validators paused and resumed the network.

reviewedcurrent

Incident facts

Incident title
BSC Token Hub 2022 forged-proof exploit
Bridge
BSC Token Hub
Incident date
2022-10-06
Incident type
Exploit
Major incident
Yes
Affected chains
BNB Beacon Chain, BNB Chain
Affected assets
BNB
Attack category
Message Verification Failure
Reported loss
Nearly $570 million minted; about $100 million unrecovered
Recovery
Partial Recovery
Reimbursement
Not Applicable
Restart
Reopened
Current outcome
Deprecated After Incident
Resolution
Unresolved
Last reviewed
2026-06-14
Last verified
2026-06-14

Timeline events

  • BSC Token Hub exploit disclosed2022-10-06

    BNB Chain reported an irregular cross-chain transfer involving BSC Token Hub and coordinated a temporary network suspension while the exploit was contained.

    Exploit DisclosedHigh

  • BNB Smart Chain resumed after coordinated response2022-10-07

    Validators resumed BNB Smart Chain after an upgrade and coordinated containment measures, while BSC Token Hub remained the incident focus.

    Network ResumedHigh

  • Native BSC Token Hub path retired during BNB Chain Fusion2024-11-19

    BNB Chain disabled cross-chain communication between BNB Beacon Chain and BNB Smart Chain during the final Beacon Chain sunset, retiring the historical native bridge path.

    Bridge RetiredHigh

Evidence records

Known unknowns