Wormhole Bridge (Solana ↔ Ethereum): Signature verification bypass via deprecated sysvar → fraudulent SignatureSet → fake mint of 120k wETH on Solana

Wormhole's Solana bridge was tricked into minting 120,000 wETH backed by nothing, by exploiting a subtle discrepancy in Solana's sysvar API that bypassed guardian signature verification.

Occurred 2022-02-02 Loss $326M Status closed

Summary #

Wormhole Bridge (Solana ↔ Ethereum) suffered a Cross-Chain Bridge on 2022-02-02, resulting in a loss of approximately $326M.

What happened #

Wormhole's Solana bridge was tricked into minting 120,000 wETH backed by nothing, by exploiting a subtle discrepancy in Solana's sysvar API that bypassed guardian signature verification.

Linked factors #

RD-F-007 — illustrative : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: Unknown — no public bug bounty program referenced; post-exploit the team offered a $10M whitehat bounty]
RD-F-077 — related : Auto-linked by C.4 triage 2026-05-07