pNetwork 2021 pBTC-on-BSC exploit
A bug in pNetwork's Rust event-log extraction caused malicious peg-out requests to be processed on the pBTC-on-BSC bridge. The attacker stole 277 BTC collateral; other pTokens bridges were stopped and were not successfully drained.
Incident facts
- Incident title
- pNetwork 2021 pBTC-on-BSC exploit
- Bridge
- pNetwork
- Incident date
- 2021-09-19
- Incident type
- Exploit
- Major incident
- Yes
- Affected chains
- Bitcoin, BNB Chain
- Affected assets
- BTC
- Attack category
- Event Log Parsing Bug
- Reported loss
- 277 BTC
- Recovery
- None Confirmed
- Reimbursement
- Announced
- Restart
- Partial Reopen
- Current outcome
- Bridge Family Later Deprecated
- Resolution
- Unresolved
- Last reviewed
- 2026-06-15
- Last verified
- 2026-06-15
Timeline events
pBTC-on-BSC exploited and pNetwork bridges paused2021-09-19
The team stopped all bridges after detecting the pBTC-on-BSC exploit and reported 277 BTC stolen from collateral.
Fix deployed and unaffected bridges gradually reactivated2021-09-19
pNetwork implemented a fix and gradually reactivated unaffected bridges after additional review and security checks.
pNetwork announced a community compensation process2021-09-21
The postmortem said DAO proposals would be used to develop compensation for current pBTC-on-BSC holders.
Evidence records
- pNetwork Post Mortem: pBTC-on-BSC ExploitpNetwork · Tier 1 · 2021-09-21
- pNetwork pBTC-on-BSC exploit analysisRekt · Tier 2 · 2021-09-20
Known unknowns
- Final compensation amount, recipients, and completion date remain unverified.
- The final disposition of the stolen BTC is not established here.