Gravity Bridge
An attacker took over Gravity Bridge's validator set on Ethereum and drained about $5.4 million. Gravity is a bridge between Ethereum and the Cosmos-based Gravity chain, and its Ethereum contract releases funds only when validators holding two thirds of the voting power sign off. The attacker got enough of the real validators to sign a change that shrank the set from 58 validators to 34, concentrating control, then used that concentrated set to sign withdrawals that emptied the bridge's USDC, ETH, USDT and gold-backed PAXG. The funds were swapped to ETH and moved through ChangeNow and Binance. The attacker still holds about 2,059 ETH.
Gravity Bridge is not one of the protocols we publish a live safety score for, so we had no prior reading on it. The weakness here is the kind our model weighs heavily for bridges: the validator set that guards the funds could be reconfigured by the validators' own signatures alone, with no waiting period, no separate guardian, and no emergency stop. Once enough signing keys are subverted, there is nothing on-chain to slow the attacker down.
Gravity's Ethereum contract trusts whatever its stored validator set signs. A wallet that had been a legitimate Gravity relayer in early 2025, then went quiet for about 280 days, woke up and called updateValset, shrinking the validator set from 58 to 34 with enough signatures from the old set to pass the two-thirds threshold. About 28 hours later the concentrated set signed withdrawals that drained the bridge into a single recipient wallet, after which the funds were swapped to ETH, consolidated at a holding wallet, and partly sent through ChangeNow and Binance.
Safe. The Gravity Bridge contract code itself, and other bridges and protocols, were not affected.
Validators' signing infrastructure was subverted, so two thirds of the 58-set signed updateValset to shrink it to 34 and concentrate power, then that set signed withdrawals that drained the bridge. The contract behaved exactly as designed.
Full forensic detail
Step-by-step reconstruction, root cause, counterfactuals, remediation, and disclosure timeline.
Exploit anatomy
Root cause
Gravity's Ethereum contract verifies that withdrawals and validator-set changes carry signatures from the stored validator set worth at least two thirds of the voting power. The signatures are the only authority, and there is no timelock, guardian, or circuit breaker on validator-set changes. The validators' signing infrastructure was compromised so that two thirds of the 58-validator set signed a change that shrank the set to 34 and concentrated power. The attacker then drained the bridge through withdrawals signed by that concentrated set. The contract behaved exactly as designed; the off-chain signing authority was subverted.
// Gravity only checks signature power, not whether a valset change is safe
function updateValset(
    ValsetArgs calldata newValset,
    ValsetArgs calldata currentValset,
    Signature[] calldata sigs
) external {
    // ...verify currentValset matches the stored checkpoint and derive newCheckpoint from newValset...
    checkValidatorSignatures(currentValset, sigs, newCheckpoint, powerThreshold); // 2/3 power
    state_lastValsetCheckpoint = newCheckpoint; // no timelock, no guardian, instant
}

Prevention analysis
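To make the root cause concrete, here is an added Python model (not Gravity's code) of the two-thirds power check that gates both updateValset and withdrawals, with an optional delay on valset changes and a guardian pause that Gravity lacked. Validator names, equal powers, the 39-of-58 compromise, the 24-hour delay and the monitoring rule are constructed assumptions for the demo.

```python
from dataclasses import dataclass, field

@dataclass
class Bridge:
    valset: dict                     # validator -> voting power (stored set)
    delay: int = 0                   # 0 models Gravity: valset swap is instant
    pending: list = field(default_factory=list)  # (new_valset, activates_at)
    paused: bool = False

    def has_threshold(self, signers):
        """True when signers hold at least 2/3 of the stored set's power."""
        total = sum(self.valset.values())
        signed = sum(p for v, p in self.valset.items() if v in signers)
        return 3 * signed >= 2 * total

    def update_valset(self, new_valset, signers, now):
        # Signatures from the stored set are the only authority checked
        if not self.has_threshold(signers):
            return "rejected"
        if self.delay == 0:          # no waiting period: takes effect at once
            self.valset = dict(new_valset)
            return "applied"
        self.pending.append((dict(new_valset), now + self.delay))
        return "queued"

    def activate_pending(self, now):
        # Apply the queued valset once its delay has elapsed, unless paused
        ready = [v for v, t in self.pending if t <= now]
        self.pending = [(v, t) for v, t in self.pending if t > now]
        if ready and not self.paused:
            self.valset = ready[-1]

    def guardian_pause(self):
        """Emergency stop: cancels queued changes and blocks withdrawals."""
        self.paused = True
        self.pending.clear()

    def withdraw(self, signers):
        return not self.paused and self.has_threshold(signers)

def replay(delay, guardian_reacts):
    """Replay the incident shape: 58 -> 34 valset, withdrawal ~28h later."""
    old = {f"v{i}": 1 for i in range(58)}
    compromised = {f"v{i}" for i in range(39)}   # 39/58 clears two thirds
    new = {f"v{i}": 1 for i in range(34)}        # shrunken, attacker-held set
    b = Bridge(valset=old, delay=delay)
    status = b.update_valset(new, compromised, now=0)
    # Monitoring rule: a queued change that shrinks the set is the alarm signal
    if guardian_reacts and status == "queued" and len(new) < len(b.valset):
        b.guardian_pause()
    b.activate_pending(now=28 * 3600)
    return status, len(b.valset), b.withdraw(set(new))
```

Note that the delay alone does not stop signers who already hold two thirds of the stored set; its value is the window in which a shrinking valset can be seen and the guardian can pause before the change activates.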
Similar incidents
Attacker obtained enough validator signing keys to authorize withdrawals. The bridge code was correct; the validator set was subverted. Same shape, larger scale.
Compromise of the multisig signer keys controlling the bridge; the stolen keys met the signing threshold and drained it.
Custodial signer authority over bridge-held assets was exercised to drain them. A signer-side compromise, not a code bug.