Polkadot Hack: 1B DOT Minted on Ethereum, Profit Cap Explained
An attacker minted 1 billion unauthorized DOT tokens on Ethereum after exploiting Hyperbridge’s gateway contract, but shallow liquidity on decentralized exchanges limited the actual profit to roughly $237,000, a fraction of the tokens’ notional value.
Blockchain security firm CertiK Alert reported on April 13 that the attacker used a forged message to change the admin of the Polkadot token contract on Ethereum. With admin control, the exploiter minted 1 billion bridged DOT tokens and dumped the entire haul in a single swap.
We have seen an exploit on the @hyperbridge gateway contract. https://t.co/h27iDm1JGd
The attacker slipped through a forged message to change the admin of Polkadot token contract on Ethereum and profited ~$237K from minting and selling 1B tokens.
Stay… pic.twitter.com/3t2n4uq5hy
— CertiK Alert (@CertiKAlert) April 13, 2026
Source: @CertiKAlert on X
The tokens in question were not native DOT on Polkadot’s relay chain. They were bridged representations, ERC-20 tokens on Ethereum managed through Hyperbridge, the bridge that Polkadot DAO selected as its native bridge in April 2025. The exploit did not compromise Polkadot’s native chain or its native DOT supply.
This distinction matters. A billion tokens created on Ethereum carry no claim on Polkadot’s actual treasury or staking reserves. Their value depends entirely on whether someone on the Ethereum side will buy them, and how deep the available liquidity pools are.
Why 1 billion tokens yielded only $237,000
The attacker swapped the entire 1 billion-token haul in a single transaction and received approximately 108.2 ETH, worth roughly $237,000 at the time. At DOT’s spot price, 1 billion tokens would carry a notional value exceeding $1 billion. The gap between notional and realized value comes down to liquidity.
When Polkadot DAO backed Hyperbridge’s “DeFi Singularity” proposal, it allocated 795,000 DOT for a liquidity campaign across DOT/ETH and vDOT/ETH pairs on Ethereum mainnet, Base, Arbitrum, and BNB Chain. That treasury-seeded liquidity was finite and distributed across multiple chains and pairs.
On the Ethereum side specifically, the available depth in DOT trading pools was shallow relative to a billion-token dump. As the attacker’s single swap consumed all available buy-side liquidity, slippage crushed the effective price per token to near zero. The pool simply ran out of ETH to give.
This is the core mechanic that capped profits: the difference between the notional value of minted tokens and the executable value against real liquidity. A billion tokens are worthless if there is no counterparty willing to absorb them. The attacker could only extract what the pools held.
Market reaction and cross-chain risk
DOT traded at $1.17 following the incident, down roughly 4.6% over 24 hours. The broader crypto market moved far less in the same window, suggesting the decline was exploit-specific rather than macro-driven. DOT’s market cap sat near $1.96 billion with 24-hour volume at approximately $215 million.
The Fear & Greed Index already sat at 12, deep in “Extreme Fear” territory. The exploit landed in an environment where sentiment was already fragile, similar to other recent risk events in the space, including uncertainty around geopolitical developments tracked on crypto prediction markets.
Importantly, the damage was localized to Ethereum-side bridged DOT. Native DOT holders on Polkadot’s relay chain were not directly affected. The exploit exposed a vulnerability in Hyperbridge’s message verification layer, not in Polkadot’s consensus or governance mechanisms.
The incident highlights a recurring tension in cross-chain design. Bridge contracts act as trust boundaries between ecosystems, and a failure in message authentication on one side can create tokens that look real but have no backing. For traders, the takeaway is that bridged token versions carry risk profiles distinct from their native counterparts.
This is not the first time institutional interest in crypto assets has coincided with infrastructure-level vulnerabilities. As more protocols pursue cross-chain liquidity campaigns, the security of bridge contracts becomes a critical factor in how much capital those corridors can safely hold.
For DOT holders specifically, the exploit reinforces the importance of distinguishing between native tokens and their bridged representations. The attacker created synthetic supply on Ethereum; they did not access or inflate Polkadot’s actual token supply. Whether Hyperbridge patches the forged-message vulnerability and how the DAO responds to the liquidity implications will shape near-term confidence in the bridge’s continued role as crypto infrastructure expands across chains.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.
