On June 11, 2026, the Syscoin bridge minted 5 billion SYS after a malformed SPV proof slipped past the bridge relay parser. The proof failed validation that a stricter parser would have rejected, and the bridge issued tokens against deposits that were never made. Whitehats coordinated a recovery and the funds were returned, but the mechanism is the point: a bridge that mints wrapped value on one chain against a proof from another is only as safe as the parser checking that proof.
TL; DR: A malformed SPV proof tricked Syscoin's bridge relay into minting 5 billion SYS on June 11, 2026. The funds were whitehat-recovered. Treat the 5B SYS figure as an early estimate until a formal postmortem confirms it. A swap with no bridge has no proof to forge — coins route wallet to wallet, nothing is minted or pooled in between.
A クロスチェーンブリッジ is a contract pair that locks an asset on one chain and mints a representation of it on another. Its security reduces to one question: can someone forge the message that triggers the mint?
What happened to the Syscoin bridge
The Syscoin bridge accepts SPV (Simplified Payment Verification) proofs to confirm that a deposit happened on the source chain before it mints on the destination. On June 11, 2026, an attacker submitted a malformed proof that the relay parser accepted instead of rejecting. The bridge then minted 5 billion SYS against deposits that did not exist.
The failure was not in cryptography but in parsing — the relay trusted a proof it should have thrown out. No public audit record existed for that vulnerable relay path. The Syscoin team published receipts and coordinated a whitehat recovery, and the minted funds were returned. Treat the 5 billion SYS figure as an early estimate until a formal postmortem confirms it.
This is a recurring shape, not a one-off. Bridges and multisig vaults that mint, wrap, or hold pooled value remain the single largest target class in crypto. The rekt.news leaderboard (retrieved 2026-06-11) tracks the largest known losses — recent entries include a $10.7M THORChain drain on May 21, 2026 (THORChain rekt postmortem, retrieved 2026-06-11) and a Gnosis Safe-related loss of roughly $3.98M (per the rekt.news leaderboard, retrieved 2026-06-11). Different protocols, same lesson: pooled or wrapped value is a standing forgery target.
Why a bridgeless swap removes the attack surface
The Syscoin incident worked because a bridge had to 証拠 a deposit happened on another chain, and the proof was forged. A crypto-to-crypto swap with no bridge has no such proof to forge.
- No minting authority — A swap does not issue wrapped tokens. There is no mint function for a malformed proof to trigger.
- No pooled custody — Funds are not parked in a vault waiting to be matched against a proof. There is no standing balance to drain.
- No relay parser to fool — The swap routes the native asset wallet-to-wallet. There is no SPV-proof checkpoint in the middle that an attacker can feed bad input to.
GhostSwap is a no-KYC crypto exchange — no account, no email, no signup. It is non-custodial: funds pass through and are never held. That is not a marketing line in this context; it is the structural reason there is no pooled balance for a bridge-style exploit to mint against.
Bridge mint vs. non-custodial swap
| 機能 | Bridge mint | GhostSwap (non-custodial swap) |
|---|---|---|
| Wrapped tokens issued | Yes — mints a representation | No — native asset routed through |
| Pooled custody | Yes — vault holds locked value | No — funds pass through, never held |
| Proof/relay step | Yes — SPV proof checked by relay | No bridge proof in the path |
| アカウント/本人確認 | サービスにより異なります | 必要なし |
| 資産範囲 | Limited to bridged pairs | 200種類以上の資産にわたる1,600以上のペア |
| 典型的な完成 | 不定 | ~8 min median; ~30 min at p95 |
The pricing is floating-rate from aggregated liquidity, so the rate that settles is the rate when your funds arrive, not the moment you click — typically within the quoted spread.
How to swap out of a bridged asset without an account
If you are holding a wrapped or bridged token and want to move into a native asset like Bitcoin or Monero, the walkthrough is short:
- ペアを選択してください — choose your source asset and destination. To move into Monero, see the BTCからXMRへの交換ページ.
- 受取住所を入力してください — and a refund address. No account, no email, no identity verification.
- Send the source asset — to the deposit address shown.
- Funds convert — non-custodially, passing through; GhostSwap never holds them.
- Receive the destination asset — at your address, typically in about 8 minutes (up to ~30 at p95).
ライブスワップウィジェットは GhostSwapホームページ. Across the service there are 1,600+ pairs live spanning 200+ assets.
FAQ
Q: What caused the Syscoin bridge exploit?
A: A malformed SPV proof slipped past the bridge relay parser on June 11, 2026, which then minted 5 billion SYS against deposits that did not exist. The failure was in proof parsing, not cryptography. The funds were whitehat-recovered.
Q: Were the Syscoin funds recovered?
A: Yes. The Syscoin team published receipts and coordinated a whitehat recovery, and the minted SYS was returned. Treat the 5 billion SYS figure as an early estimate until a formal postmortem confirms it.
Q: How does a non-custodial swap avoid bridge-style exploits?
A: A swap with no bridge issues no wrapped tokens, holds no pooled custody, and has no relay proof to forge. The native asset routes wallet-to-wallet, so there is no mint function or vault balance for an attacker to target.
Q: GhostSwapで交換するにはアカウントが必要ですか?
A: No. There is no account, no email, and no identity verification required to swap. You supply a receiving address and a refund address; funds pass through non-custodially and are never held by GhostSwap.
Move into a native asset without a bridge
If a bridge or vault is the part of the stack you no longer trust, a non-custodial swap removes that piece entirely. Start at the GhostSwap スワップウィジェット または直接 BTCからXMRへのペアページ.
GhostSwapは登録された金融サービスではありません。
