Last updated on May 18th, 2026 at 01:03 am
Hyperbridge has launched a public bug bounty program offering up to $50,000 to security researchers who identify critical vulnerabilities in its cross-chain protocol, as the project moves to strengthen defenses following a major exploit earlier this year.
The program, hosted on HackenProof, is now live and open to independent researchers reviewing Hyperbridge’s codebase. The protocol allows blockchains to communicate and transfer assets using consensus and state proofs instead of traditional bridge systems that depend on multisig validators.
The Hyperbridge bug bounty program is now live on HackenProof.
Independent security researchers can review the Hyperbridge codebase and submit vulnerability reports through the security platform
🧵 pic.twitter.com/WjnTe3vBnk— Hyperbridge (@hyperbridge) May 15, 2026
Rewards target major bridge vulnerabilities
According to the program details, payouts start at $200 for low-severity bugs and range between $2,000 and $5,000 for medium-level findings. High-severity vulnerabilities can earn researchers between $5,000 and $15,000, while critical flaws are eligible for rewards of up to $50,000.
The scope covers the entire Hyperbridge protocol repository. Researchers are encouraged to report issues including logic flaws, access-control weaknesses, reentrancy attacks, cross-chain message spoofing and state manipulation vulnerabilities that could compromise user funds or message integrity.
Hyperbridge also stated that all testing must be conducted on local forks. Attacks on live infrastructure, social engineering attempts and third-party exploits are excluded from the program.
April exploit exposed cross-chain risks
The bounty launch follows a major exploit in April that exposed vulnerabilities in Hyperbridge’s cross-chain gateway system.
During the attack, a hacker minted nearly 1 billion fake DOT-linked tokens on Ethereum after reportedly gaining admin control through a forged cross-chain message. The attacker later extracted around $237,000 worth of ether from the protocol.
While the exploit affected the bridged DOT representation on Ethereum, Polkadot’s native network itself was not compromised. The incident highlighted ongoing security concerns around blockchain bridges, where weak verification systems and forged messages remain common attack methods.
Additionally, on April 12 three separate transactions exploited a vulnerability in the SubQuery Network’s Settings contract on the Base network, resulting in the unauthorized drainage of 359,614,732 SQT tokens.
Cross-chain expansion continues despite security concerns
Despite the exploit, Hyperbridge continues to expand its cross-chain infrastructure partnerships. Earlier this year, Enjin integrated Hyperbridge on testnet to support stablecoin transfers involving USDC and USDT between Ethereum and BNB Chain.
The new bug bounty program places Hyperbridge under broader public security review as the protocol works to prevent future cross-chain exploits and improve trust in its bridge infrastructure.
Enjoyed this? Bookmark DeFi Planet, explore related topics, and follow us on Twitter, LinkedIn, Facebook, Instagram, Threads and CoinMarketCap Community for seamless access to high-quality industry insights
Take control of your crypto portfolio with DEFI PLANET PRO, DeFi Planet’s suite of analytics tools
