MAPO Falls 96% After Butter Network Bridge Mint Exploit

Map Protocol’s native token MAPO fell 96% on Wednesday after an attacker exploited a vulnerability in the Butter Network cross-chain bridge to mint a quadrillion tokens. The token price dropped from about $0.003 to $0.0001 within hours.

The attacker created a supply many thousands of times larger than the legitimate issuance, used a newly created externally owned account to sell roughly 1 billion MAPO on Uniswap and withdrew about 52 ETH (approximately $180,000) from liquidity pools. The attacker still holds nearly a trillion MAPO tokens that could affect other pools or exchange listings.

Map Protocol paused its mainnet and began a contract migration process while teams investigate the incident. The project said it will publish a new contract address and select a time to take an asset snapshot for conversion. The project wrote, “Any remaining tokens held by attacker-controlled addresses will be fully invalidated and will not be included in any future snapshot or conversion process.”

Technical analysis traced the breach to the Solidity contract layer used by Butter Network’s bridge. The attacker first submitted a legitimate oracle multisig-signed message, then deployed a malicious contract and resent a modified “retry” message that matched the original hash but was forged. The bridge accepted the message and executed the mint. No private keys were taken and no light clients were compromised; investigators described the flaw as a Solidity issue involving multiple dynamic fields.

Butter Network paused its ButterSwap interface and reported that user funds were not at risk.

The MAPO incident is part of a wider pattern of cross-chain bridge and DeFi exploits this month. At least 18 protocols have reported compromises recently, including THORChain, the Verus Protocol Ethereum bridge, Transit Finance, TrustedVolumes, Ekubo, Echo Protocol and RetoSwap. These attacks have often exploited validation failures or logic errors that allow unauthorized token creation or transfers.

Separately, the TON-TAC asset bridge published a post-mortem for a May 11 incident in which $2.68 million was withdrawn after sequencer software accepted a counterfeit wallet that lacked proper code-hash and minter checks. Recovery efforts have secured about 80% of affected assets. The TON-TAC bridge remains paused pending an independent audit of the sequencer and actions to restore liquidity.

Map Protocol’s migration and planned snapshot aim to remove the attacker-minted tokens from circulation. The timeline for restoring services and relisting assets will depend on audit findings and the execution of the conversion process.