Protect Your Project Today
Strengthen your project with the largest web3 security provider.
A CertiK security expert will review your request and follow up shortly.

Multichain Collapse: The Private Key Leak That Drained $125M+

Reports ·Incident Analysis ·
Multichain Collapse: The Private Key Leak That Drained $125M+

Project name: Multichain

Project type: Bridge

Date of exploit: July 6, 2023

Asset loss: More than $125M

Vulnerability: Private Key Issue

Date of audit report publishing:

  • Nov 11, 2022: MultiChain Foundation - Cardano (Golang)
  • Nov 21, 2022: MultiChain Foundation - Aptos (Move)

Conclusion: Out of Audit Scope

Details of the Exploit

Background

Multichain is a centralized cross-chain bridge protocol that allows users to bridge tokens between chains.

Nature of the Vulnerability

  • The private key of Multichain is compromised, allowing the attacker to drain assets from the bridge protocol

CertiK Audit Overview

Screenshot 2024-01-08 at 6.04.37 AM

Conclusion

On July 6, 2023, the cross-chain bridge protocol Multichain experienced large unauthorized withdrawals, suggesting a likely Private Key issue.

It is identified as an out-of-scope issue since it is not an implementation bug.

Related Blogs

Skynet Wrench Attacks Report
Reports ·Security Reports

Skynet Wrench Attacks Report

In 2025, wrench attacks unfortunately crossed a critical threshold. What was once treated as an edge-case risk has become a structural threat to digital asset ownership. Attackers are no longer acting opportunistically; they are operating as organized, transnational groups that combine OSINT-driven targeting, social engineering, and extreme physical violence to extract private keys.

Lessons from The Ledger Data Leak: How to Secure Your Crypto
Technical Blogs ·Best Practices

Lessons from The Ledger Data Leak: How to Secure Your Crypto

The recent Ledger data breach serves as a stark reminder that security extends far beyond the blockchain itself. Indeed, the exposure of personal details, including contact information and postal addresses, has opened a new front for sophisticated cyberattacks targeting ledger customers.

Hack3d: The Web3 Security Report 2025
Reports ·Security Reports

Hack3d: The Web3 Security Report 2025

Welcome to the 2025 Skynet Hack3D Report! This report offers deep dives into the exploits, vulnerabilities, and trends that define blockchain and smart contract security. They’re an invaluable resource for anyone seeking to understand the current landscape of Web3 security. Each report contains detailed incident analyses, technical insights, and the most comprehensive statistics on hacks, scams, and exploits in the entire Web3 industry.