Hyperbridge has launched a new public bug bounty program on the HackenProof platform, offering rewards of up to $50,000 for critical security flaws. The program is designed to get more eyes on the protocol’s codebase and catch vulnerabilities before they can be exploited again.
The bounty covers the full Hyperbridge protocol repository. Rewards start at $200 for low-severity issues, go up to $2,000 to $5,000 for medium findings, and reach $5,000 to $15,000 for high-severity bugs. Critical vulnerabilities can earn the top reward of $50,000.
Focus on common bridge risks
The team is particularly interested in logic flaws, access-control problems, reentrancy issues, cross-chain message spoofing, and state manipulation. Any bug that could affect the integrity of messages or funds is in scope.
The program comes just weeks after an April exploit. An attacker managed to mint around 1 billion fake $DOT-equivalent tokens on Ethereum through Hyperbridge’s cross-chain gateway. According to reports, the attacker gained admin control by forging a cross-chain message and extracted about $237,000 worth of ether.
The fake supply affected the bridged DOT representation on Ethereum, though Polkadot’s native network remained technically unaffected. The case highlighted how forged messages and weak verification checks remain persistent problems in bridge security.
Clear rules for researchers
Hyperbridge has set clear ground rules for the bounty. All testing must be done on local forks only. Live infrastructure attacks, social engineering, and third-party exploits are out of scope. The program also bans DDoS testing, spam, and public disclosure of vulnerabilities without prior approval.
Researchers are required to submit proof-of-concept demonstrations with their reports. The HackenProof page notes that reports based solely on theory won’t be accepted. The team wants concrete evidence of any claimed vulnerability.
Cross-chain use case remains active
Bridge security is not just a theoretical concern for Hyperbridge. Back in May 2025, Enjin Blockchain used Hyperbridge on testnet to move stablecoins like USDC and USDT between Ethereum and BNB Chain. That project showed how the protocol is being put to real use.
In typical bridge setups, users lock tokens on one chain to receive a matching version on another. When proof checks fail, the risk can spread from a single contract into a wider cross-chain system. The new bounty should help Hyperbridge put its code under broader review as the team works to reduce the chance of repeat failures.
![]()

