TechFlow reports that on June 16, Syscoin released a security incident report detailing the UTXO-to-NEVM bridge vulnerability. This incident resulted in approximately 5 billion SYS tokens being unauthorizedly released on the UTXO side. The affected funds have since been returned to the official recovery address and permanently destroyed via the standard OP_RETURN mechanism, rendering them unusable by the protocol. As a result, the on-chain SYS supply has reverted to its expected value. Currently, the bridging functionality remains suspended while the team completes its final review and remediation.
Syscoin stated it will fix the cross-layer parsing flaw. The core lesson from this incident is that cross-layer systems must uniformly normalize data, and any ambiguous bridging proof should default to failure.
