Incident case
Nerve Bridge 2021 metapool exploit
An attacker exploited an inconsistent exchange-amount calculation in Saddle-derived metapool code used by Nerve Bridge. BlockSec reported that the fUSDT and UST pools were drained and that the attacker gained approximately 900 BNB.
reviewedcurrent
Incident facts
- Incident title
- Nerve Bridge 2021 metapool exploit
- Bridge
- NerveNetwork
- Incident date
- 2021-11-15
- Incident type
- Metapool Exploit
- Major incident
- Yes
- Affected chains
- BNB Chain, NerveNetwork
- Affected assets
- fUSDT, UST, BNB
- Attack category
- Metapool Exchange Amount Calculation Bug
- Reported loss
- Approximately 900 BNB attacker profit
- Recovery
- Unknown
- Reimbursement
- Unknown
- Restart
- Unknown
- Current outcome
- Protocol Active After Incident
- Resolution
- Unresolved
- Last reviewed
- 2026-06-16
- Last verified
- 2026-06-16
Timeline events
Nerve Bridge metapools exploited2021-11-15
An attacker exploited the fUSDT and UST metapools on BNB Chain, exhausted their liquidity, and gained approximately 900 BNB according to BlockSec.
BlockSec published Nerve Bridge root-cause analysis2021-11-18
BlockSec attributed the incident to an inconsistent exchange-amount calculation in a Saddle-derived metapool implementation and compared it with the earlier Synapse vulnerability.
Evidence records
- The Analysis of Nerve Bridge Security IncidentBlockSec · Tier 2 · 2021-11-18
- Explained: The Synapse and Nerve Bridge HacksHalborn · Tier 2 · 2021-11-24
Known unknowns
- The exact user-loss allocation and final reimbursement outcome remain unverified.
- The exact restart date for the affected pools was not established.