1 Quadrillion MAPO Minted in Bridge Exploit, Token Drops 30%
1 Quadrillion MAPO Tokens Minted in Bridge Exploit – Token Price Falls Nearly 30%
Key Takeaways
- Attackers minted 1,000,000,000,000,000 MAPO tokens via a vulnerability in Butter Bridge V3.1.
- The unauthorized mint equaled roughly 4.8 million times the legitimate circulating supply of about 208 million MAPO.
- The attacker extracted around 52.2 ETH, valued at about 110,000 USD, and removed more than 180,000 USD in liquidity from Uniswap pools.
- MAPO fell nearly 30% following the incident, dropping from around 0.003 USD to approximately 0.001558 USD.
- Most of the inflated token supply remains in the exploiter’s wallet, and no formal mitigation statement has been issued by the project team.
Exploit in Butter Bridge V3.1 Enabled Massive Unauthorized Mint
On May 20, 2026, MAP Protocol’s Butter Bridge suffered a major security breach that led to the minting of 1 quadrillion MAPO tokens. According to security firm PeckShield, the incident was linked to a vulnerability in the OmniServiceProxy contract used in Butter Bridge V3.1.
The flaw allowed attackers to mint tokens on Ethereum and BSC without authorization. The exploiter triggered the mint through a spoofed cross chain message. On chain records show that 1,000,000,000,000,000 MAPO were transferred from the zero address to wallet address 0x40592025392BD7d7463711c6E82Ed34241B64279.
The scale of the mint is significant when compared to the legitimate circulating supply of approximately 208 million MAPO. The newly created tokens represented roughly 4.8 million times the amount of tokens in circulation prior to the attack.
On Chain Activity Shows Liquidity Extraction and Token Swaps
Blockchain data indicates that the attacker did not simply mint the tokens but also attempted to monetize the exploit. Portions of the newly created supply were swapped, allowing the exploiter to extract approximately 52.2 ETH, valued at about 110,000 USD at the time of the incident.
In addition, more than 180,000 USD in liquidity was removed from Uniswap pools. As trading pairs destabilized, liquidity providers and token holders experienced immediate disruptions. The majority of the inflated MAPO tokens remain in the attacker’s wallet, according to the available on chain information.
The rapid increase in supply placed immediate pressure on automated market maker pools, where token pricing is directly influenced by available liquidity and circulating supply. As the inflated tokens entered the market, the imbalance led to sharp price adjustments.
MAPO Price Drops Nearly 30% After Dilution Event
Before the exploit, MAPO traded at around 0.003 USD. Following the unauthorized mint and subsequent swaps, the token price fell nearly 30%. At the time of reporting, MAPO was trading at approximately 0.001558 USD.
The decline followed a pattern commonly observed in token mint exploits, where sudden and extreme supply expansion undermines price stability. In this case, the dilution was not incremental but immediate and substantial, given the scale of the unauthorized issuance.
Trading pairs were affected as liquidity shifted and confidence in the token’s circulating supply data was disrupted. The price drop occurred in the immediate aftermath of the exploit, reflecting the direct market response to the on chain events.
MAP Protocol’s Positioning and Security Claims Under Scrutiny
MAP Protocol describes itself as a Bitcoin Layer 2 and omnichain interoperability project. It positions its infrastructure as secure for BTC, stablecoins, and tokenized assets, relying on light clients and MPC based verification.
The vulnerability in the bridge contract exposed weaknesses in message validation despite these stated safeguards. According to PeckShield, the exploit specifically targeted how cross chain messages were verified in the OmniServiceProxy contract.
As of the time covered by the source material, the MAP Protocol team had not issued a formal public statement detailing mitigation measures. There has been no confirmed announcement regarding contract pauses, token blacklisting, or adjustments to the token supply.
For users interacting with decentralized finance protocols, bridge infrastructure represents a critical layer. Cross chain systems rely on accurate message verification to prevent unauthorized asset creation. When validation fails, the resulting exploits can directly impact token balances, liquidity pools, and market pricing.
Bridge Exploits Continue to Affect DeFi in 2026
The incident adds to a broader pattern identified by PeckShield in 2026. The security firm has tracked multiple bridge related exploits that have drained hundreds of millions of dollars across decentralized finance this year.
Bridges connect separate blockchains and allow assets to move between networks. However, they also introduce additional smart contract complexity. Each layer of message validation and asset minting or locking creates potential attack surfaces if not properly secured.
In this case, the exploit centered on unauthorized minting rather than direct theft from user wallets. However, the economic impact on token holders and liquidity providers was immediate due to the extreme supply inflation and subsequent price collapse.
Our Assessment
The minting of 1 quadrillion MAPO tokens through a vulnerability in Butter Bridge V3.1 led to immediate market consequences, including a nearly 30% price decline and the extraction of ETH and liquidity from decentralized pools. The exploit highlights the operational risks associated with cross chain bridge infrastructure and shows how contract level vulnerabilities can rapidly affect token supply, liquidity, and trading conditions. At the time covered by the available information, no formal mitigation measures had been publicly confirmed by the project team.
