MAP Protocol’s Butter Bridge Exploit Minted a Quadrillion Tokens
On May 20, 2026, an attacker fed a forged retry message into MAP Protocol’s Butter Bridge V3.1 and walked away having minted 1 quadrillion MAPO tokens, approximately 4.8 million times the legitimate circulating supply of around 208 million. The OmniServiceProxy contract on Ethereum and BNB Chain accepted the counterfeit instruction as valid, executed the mint, and routed the tokens straight to a fresh externally-owned account. MAPO, which had been trading near $0.003 before the attack, collapsed to roughly $0.0001 within hours, a drop of around 96%, before stabilizing near $0.0020 the following day, still down more than 34% from its pre-exploit price.
By May 21, the protocol had paused Butter Bridge operations and ButterSwap, confirmed a patch and redeployment were in progress, and warned holders to stay away from MAPO pools on Uniswap while liquidity remained at risk. The team said pending swaps would be honored once operations were secure. MAP Protocol’s statement on X put it plainly: “Bug sits at the Butter contract layer. Patch, audit, and redeployment are in progress.” What it did not say is that this specific category of failure has been written up, analyzed, and mourned in post-mortems across the DeFi industry since at least 2022.
How the Forgery Worked
Security firm Blockaid reconstructed the attack sequence in detail. The attacker opened by initiating a legitimate MAP-to-ETH bridge message, one that passed normal oracle and multisig validation checks. That message was directed at a precomputed contract address where no code had yet been deployed, so the bridge stored it as a pending retry entry rather than executing it.
Then the attacker deployed a contract at that same address, a maneuver possible under specific conditions in Ethereum’s account model. Once the contract was live, the retry function was triggered again, but with a structurally different message payload. The bridge’s verification logic authenticated the data with keccak256(abi.encodePacked(...)). Packed encoding concatenates dynamic fields, with no length prefixes or padding, before the result is hashed. The problem: when multiple variable-length fields are packed together, the boundaries between them are lost, so different field values that concatenate to the same bytes hash to the same result. The spoofed message matched the original hash. The system believed it was valid. ButterNetwork later confirmed the root cause in its own words: “an abi.encodePacked collision across dynamic-bytes fields in our bridge retry path allowed a forged retry to pass the guard check.”
The attacker cashed out a portion of the minted supply quickly, dumping roughly one billion tokens into Uniswap liquidity pools and extracting about 52.2 ETH, worth approximately $110,000 at the time of the alert from security firm PeckShield, Inc. A larger tranche, reported near one trillion tokens, remains under attacker-controlled addresses and continues to hang over any pool or exchange that touches MAPO.
The Pattern Behind This Failure
Four years of bridge exploit data points in one direction. Cross-chain bridges accounted for roughly $1.3 billion, or 57%, of all Web3 losses in 2022 alone, according to security firm CertiK, across five separate incidents. The Ronin Bridge, built for the blockchain game Axie Infinity and operated by Sky Mavis, lost over $624 million in March of that year when attackers compromised private keys across five validator nodes. Nobody noticed for six days; the breach was discovered only when a user tried to withdraw 5,000 ETH and the transaction failed. Wormhole fell to an abandoned but unremoved smart contract function two months earlier, costing $320 million. The Nomad bridge lost $190 million in August because a routine upgrade accidentally initialized the trusted root to the zero address, making every message automatically valid; over 300 separate wallet addresses piled in once the vulnerability was public, no technical expertise required.
Each of those incidents produced post-mortems, audits, and pledges to do better. The structural problem has not gone away. Cumulative bridge losses since 2022 have exceeded $2.8 billion, representing roughly 40% of all value hacked in Web3, per data tracked through the first quarter of 2026. What the Butter Bridge exploit adds to the ledger is not just another line item. It confirms that the message-validation failure class that produced the Nomad free-for-all is still being deployed in production bridge software in 2026.
A Year Already on Record Pace
The Butter Bridge attack landed during what is already the most damaging period for DeFi security since the category existed. PeckShield, Inc. tracked eight major bridge-related exploits draining a combined $328.6 million in the first half of May 2026 alone. That figure sits on top of a year that had already exceeded $775 million in total DeFi losses by mid-April, led by the $292 million KelpDAO rsETH bridge drain on April 19 and the $285 million Drift Protocol exploit on April 1, the latter attributed to a months-long social engineering campaign by a North Korean hacking group.
April 2026 became the worst single month for crypto hacks ever recorded, with more than $629 million drained across more than 25 separate incidents, according to DeFiLlama data. Protocols named in the damage list during that stretch include Kelp DAO, Drift Protocol, Hyperbridge, and CoW Swap, a DEX aggregator that lost $1.2 million to a domain hijacking rather than a contract bug. The variety of attack vectors in that period, smart contract flaws, oracle manipulation, social engineering, and domain fraud, underscores that no single class of fix addresses the full exposure.
In that context, the MAP Protocol incident is one of at least 18 DeFi and blockchain protocols compromised in May so far, per CoinTelegraph. The MAPO token’s intraday low of roughly $0.0001 pushed its market capitalization below $1 million at the nadir, per CoinGecko, against a circulating supply that briefly ballooned to a figure the protocol’s own tokenomics model has no mechanism to absorb.
MAP Protocol’s Architecture and Where It Broke
The Light-Client Model
MAP Protocol markets itself around a peer-to-peer omnichain infrastructure layer built for BTC, stablecoin, and tokenized-asset transfers. Its architecture uses light clients and MPC-based threshold signatures for cross-chain verification, a design that in theory reduces dependence on trusted third-party validator committees. The argument is that cryptographic verification at the protocol level shrinks the attack surface that felled multisig-dependent bridges like Ronin and Horizon.
Where the Guarantee Failed
The Butter Bridge exploit did not compromise MAP’s light-client layer or its threshold signature scheme. It targeted message validation in the Solidity contract logic sitting above that infrastructure, specifically the retry path inside the OmniServiceProxy contract. That distinction matters for understanding the scope of the breach. The deeper architectural claims MAP makes about its peer-to-peer model are not directly refuted by this exploit. What is refuted is the implicit guarantee that more sophisticated architecture at one layer provides meaningful protection when a contract-level coding error lives at another. Security is only as strong as its weakest verification step, and the weakest step here was a hash over packed-encoded fields that did not distinguish between structurally different inputs.
The 2026 Bridge Damage Ledger
| Protocol | Date | Loss | Attack Type | Status |
|---|---|---|---|---|
| KelpDAO | April 19, 2026 | $292M | RPC/bridge message forgery | Partial freeze; Aave exposure ongoing |
| Drift Protocol | April 1, 2026 | ~$285M | Social engineering / key compromise | Losses unrecovered; Lazarus Group linked |
| Butter Bridge (MAP) | May 20, 2026 | ~$110K-$180K extracted; token -96% | Hash collision / infinite mint | Bridge paused; patch in progress |
| Hyperbridge | April 2026 | ~$2.5M | Merkle Mountain Range forgery | Traced to Binance |
| CrossCurve | February 2026 | ~$3M | Missing access control / fake Axelar messages | Platform halted; no recovery |
What Holders Face Now
For anyone holding MAPO tokens, the immediate constraint is straightforward: transfers between the Ethereum ERC-20 version and the native mainnet token remain suspended until MAP Protocol completes its patch and redeployment. ERC-20 holders stay on Ethereum. Mainnet holders stay on mainnet. MAP Protocol has said it will announce a new contract address and conduct an asset snapshot at an appropriate time.
The supply problem is the harder question. Going from 208 million tokens in circulation to one quadrillion in a single transaction is a dilution event no standard tokenomics model accounts for. MAP Protocol’s stated plan is explicit on one point: “Any remaining tokens held by attacker-controlled addresses will be fully invalidated and will not be included in any future snapshot or conversion process.” That commitment, if executed cleanly through a contract migration and snapshot, is the standard playbook for infinite-mint recoveries. Execution is the variable. The attacker still controls a large residual token position. Until those addresses are definitively invalidated on-chain and the new contract deployed, any exchange or pool that touches MAPO carries a live overhang.
The dollar losses directly extracted, approximately 52.2 ETH or around $110,000 at alert time, place this well below the scale of the Kelp DAO or Drift incidents. But the token collapse from $0.003 to $0.0001 at the intraday low represents a near-total wipeout for anyone who held MAPO as a market position rather than as bridge infrastructure. The distinction between the exploit’s direct proceeds and its market impact is the relevant measure for holders, and those two numbers point in different directions.
The Structural Problem That Audits Have Not Solved
Bridge total value locked hit $21.94 billion as of March 2026, and the growing bridge TVL has made cross-chain infrastructure the highest-value attack surface in DeFi, year after year. The asset concentration is the reason the math keeps working for attackers even on protocols that have passed external audits. Less than 2% of DeFi’s total value locked is covered by insurance products, according to Nexus Mutual founder Hugh Karp, speaking to CoinDesk, leaving the vast majority of bridge-dependent positions with no financial backstop when contracts fail.
The abi.encodePacked hash collision that broke Butter Bridge is not an exotic zero-day. It is a documented Solidity pitfall, flagged in developer documentation and audit checklists, that slips through when teams use packed encoding on dynamic-length fields without switching to abi.encode, which pads each field and records its length so that field boundaries cannot shift unnoticed. That a protocol positioning itself on cryptographic verification missed this in its V3.1 contract is the reckoning the industry has been deferring since 2022.
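The collision described under "How the Forgery Worked" and the abi.encode fix named above, shown as an added Python example rather than Butter Bridge's own code. `RetryGuard`, the field names and the sample bytes are hypothetical and constructed, and SHA3-256 stands in for keccak256, which the Python standard library lacks.

```python
import hashlib

def encode_packed(*fields: bytes) -> bytes:
    # abi.encodePacked on dynamic `bytes`: raw concatenation, no lengths, no padding.
    return b"".join(fields)

def abi_encode(*fields: bytes) -> bytes:
    # abi.encode on a tuple of dynamic `bytes`: 32-byte offsets (head), then
    # per field a 32-byte length followed by the data zero-padded to 32 bytes.
    head, tail = b"", b""
    for f in fields:
        head += (32 * len(fields) + len(tail)).to_bytes(32, "big")
        tail += len(f).to_bytes(32, "big") + f + b"\x00" * (-len(f) % 32)
    return head + tail

def digest(preimage: bytes) -> str:
    # Stand-in for keccak256 (assumption: any hash shows the point, because
    # identical preimages collide under every hash function).
    return hashlib.sha3_256(preimage).hexdigest()

class RetryGuard:
    """Hypothetical retry store: commits to a pending message and lets a retry
    through only if the resubmitted fields hash to a stored commitment."""
    def __init__(self, encoder):
        self.encoder = encoder
        self.pending = set()

    def store(self, *fields: bytes) -> None:
        self.pending.add(digest(self.encoder(*fields)))

    def retry_allowed(self, *fields: bytes) -> bool:
        return digest(self.encoder(*fields)) in self.pending

# Constructed sample fields (hypothetical names, not the bridge's message layout).
ORIGINAL = (bytes.fromhex("aabbccdd"), bytes.fromhex("eeff0011"))  # (target, payload)
ALTERED = (bytes.fromhex("aabb"), bytes.fromhex("ccddeeff0011"))   # boundary moved 2 bytes

def guard_accepts_altered(encoder) -> bool:
    guard = RetryGuard(encoder)
    guard.store(*ORIGINAL)
    return guard.retry_allowed(*ALTERED)

if __name__ == "__main__":
    print("encodePacked guard accepts altered fields:", guard_accepts_altered(encode_packed))
    print("abi.encode guard accepts altered fields:  ", guard_accepts_altered(abi_encode))
```

The same check works as a review or CI test: run a boundary-shifted field tuple through any commitment built over more than one dynamic field and confirm it is rejected.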
The post-mortem, when MAP Protocol publishes it, will describe the fix. Patch applied. New contract deployed. Snapshot taken. Operations resumed. That sequence closes the incident. It does not close the question of why the same class of message-validation failure keeps producing the same category of outcome, in protocols that looked at every prior failure and concluded their architecture was different enough to be safe.
- Bridges hold concentrated honeypots: a single contract often custodies wrapped assets backing dozens of downstream protocols simultaneously.
- Cross-chain message verification is inherently hard: every bridge must authenticate instructions from a chain with its own consensus rules, and any gap in how those instructions are encoded or hashed becomes an entry point.
- Audits miss implementation-layer bugs: MAP Protocol’s light-client model was not the failure point; the contract-level retry logic was, and that layer sits below what architectural audits typically scrutinize.
- Recovery incentives are misaligned: most DeFi insurance products cover smart contract bugs but not bridge-message validation failures, leaving users with no backstop even when protocols behave exactly as their contracts specify.
MAP Protocol’s next disclosed milestone is the new contract address and snapshot timing. Until that announcement lands with on-chain confirmation, the attacker’s residual token position remains the variable that decides whether the recovery is clean or contested.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency positions carry significant risk, including total loss of principal. Figures are accurate as of publication on May 21, 2026; readers should verify current status through MAP Protocol’s official channels before making any decisions.
