XRP briefly broke below a closely watched support level on Sunday before buyers stepped in.

The token fell to roughly $1.12 on some of the session’s heaviest volume, then rebounded toward $1.15 within hours, leaving traders focused less on the decline itself and more on whether the latest test of support signals accumulation or another pause in a broader downtrend.

News Background

• XRP continues to trade inside the same broad $1.10-$1.30 range that has contained price action for most of June.

• Analysts remain split between viewing the range as a base-building phase and a continuation pattern within a larger downtrend.

Price Action Summary

• XRP fell from $1.1451 to $1.1383 during the 24-hour session, a decline of roughly 0.6%.

• Selling accelerated around 21:00 UTC when volume surged to 85.8 million XRP, pushing price down to a session low near $1.1213.

• Buyers quickly absorbed the move, driving XRP back toward $1.148 and recovering most of the breakdown before consolidation set in.

Technical Analysis

• The initial break below $1.1385 looked significant, particularly because it occurred on the largest volume spike of the session.

An attacker exploited an “infinite mint” vulnerability in a smart contract on Secret Network to create wrapped versions of Axelar-backed assets without the normal backing. According to Common Prefix, the resulting loss reached $4.67 million, with the incident first occurring on June 10 and later being detected on June 17 after irregularities surfaced during a failed cross-chain transfer.

The exploit relied on a flaw in how inbound transfers were handled: the contract minted genuine saTokens without verifying that the tokens being deposited originated from a legitimate source. After discovery, the attacker redeemed the forged saTokens through Axelar’s standard routes, draining the real wrapped assets held in escrow. Common Prefix reported the issue on Friday, citing on-chain findings and the sequence of redemptions.

Key takeaways

• An “infinite mint” bug on Secret Network allowed unbacked Axelar-wrapped assets (saTokens) to be minted.
• The vulnerability stemmed from missing verification of the inbound transfer source before minting, enabling forged deposits to produce real tokens.
• Common Prefix estimates the exploit’s impact at $4.67 million, with detection coming a week after the June 10 attack.
• The attacker redeemed saTokens back to the underlying assets held in escrow, then moved proceeds to Ethereum and split holdings across multiple wallets.
• Axelar said its network and IBC were not compromised, and that the affected contract was not developed or maintained by Axelar.

How the Secret Network “infinite mint” unfolded

The Secret Network incident centered on a smart contract that minted Axelar-wrapped tokens (saTokens) tied to assets held in escrow. Common Prefix’s analysis indicates the contract did not verify the source of inbound transfers prior to minting. As a result, deposits that were forged over an attacker-controlled channel could trigger minting of genuine saTokens without corresponding backing assets.

Common Prefix said the attacker then redeemed those Axelar-wrapped saTokens back through legitimate channels. Because the real wrapped assets were stored in escrow, the redemption process allowed the attacker to withdraw the backed collateral that should have corresponded to the issued tokens. In short, the breach converted what should have been a “wrapped claim” into an extractable withdrawal by breaking the token-to-collateral link at the minting stage.

Assets targeted and the size of the exploit

Common Prefix reported that multiple Axelar-wrapped tokens were minted without backing. The affected set included saUSDT, saUSDC, saDAI, saWETH, saWBTC, saWBTC? and saBNB, as well as sawstETH (as listed in Common Prefix’s report). The firm estimated the total exploit impact at $4.67 million.

Secret Network is a privacy-focused layer-1 blockchain in the Cosmos ecosystem. Axelar, meanwhile, is an interoperability network designed to connect different blockchain ecosystems. The incident highlights the risk that can arise when wrapped assets and cross-chain messaging rely on correct validation logic—especially when minting depends on the integrity of inbound transfer proofs.

Discovery, attacker movement, and where funds ended up

While the exploit happened on June 10, Common Prefix said it wasn’t detected until June 17. The delayed discovery was linked to a failed cross-chain transaction that returned an “insufficient funds” error involving the drained account. That error drew attention to the fact that tokens had likely been minted without sufficient backing.

After redemption, Common Prefix reported that the attacker moved the stolen assets to Ethereum and converted the proceeds to Ether (ETH). The firm also said the attacker split the funds across roughly 30 wallets, eventually depositing with exchanges including KuCoin, ChangeNow, and HitBTC—details that matter for monitoring and potential recovery efforts, since multi-wallet distribution can slow down tracing and enforcement.

Secret Network and Axelar respond: what was and wasn’t compromised

Secret Network posted a security incident warning, advising holders of Axelar-bridged saXXX tokens on Secret that the backing for those tokens was affected and that their funds may be lost. The warning, published after the incident became public, focused on user risk rather than suggesting that all tokens on Secret were compromised.

Axelar addressed the incident separately after “some confusion” circulated around the breach. In a post on Saturday, Axelar stated that neither Axelar nor IBC was compromised. It also said the exploited token smart contract was not developed, deployed, or maintained by Axelar, and that Axelar’s firewalling helped prevent broader impact across chains. For users and builders, the distinction matters: it suggests that the failure was contained to the contract logic on Secret’s side of the integration rather than a systemic breach across the broader Axelar interoperability stack.

Why this case fits a broader pattern of bridge and wrap exploits

Common Prefix placed the Secret Network hack in the context of a busy month for crypto exploits. According to DeFiLlama data cited in the article, crypto protocol hacks and exploits now number at least 22 for the month, reflecting continued pressure on cross-chain infrastructure and token-wrapping mechanisms.

Earlier this month, Cointelegraph reported major losses tied to other cross-chain incidents, including Humanity Protocol and Syscoin Bridge, which lost $32 million and $8 million, respectively. Together, these cases underscore a recurring theme: cross-chain systems can fail at multiple layers—message validation, escrow accounting, wrapped-token minting, and redemption logic—meaning that a vulnerability in one link can lead to direct fund drains if the surrounding checks are incomplete.

For investors and traders, the practical implication is that token “existence” on a destination chain does not always guarantee collateral backing. In the Secret Network incident, the tokens were minted in a way that broke that assumption, turning wrapped representations into potentially uncollectible claims. For developers, the bigger lesson is straightforward: minting logic that depends on inbound data must treat verification as part of the core security model, not an optional step.

Looking ahead, users holding affected saTokens on Secret should monitor Secret Network’s incident updates and any follow-on recovery or remediation announcements. Meanwhile, builders integrating interoperability routes should watch closely for contract-level fixes and updated validation requirements—because as this exploit shows, a single missing verification step can propagate into real withdrawals from escrow even when the interoperability provider itself insists it was not compromised.

Eli Ben-Sasson, cofounder of StarkWare and a founding scientist of Zcash, has shared his view on the recent debate around the Ethereum Foundation. 

His comments came as Ethereum faces questions over leadership changes, funding pressure and the role of layer-2 teams in the wider ecosystem.

Ben-Sasson said he was not joining criticism of the foundation and was not claiming that Ethereum is near its end. He also said he was not trying to defend the foundation by saying everything was fine. “Ethereum has many strengths, and it also has its politics,” he wrote.

StarkWare history frames his point

Ben-Sasson said StarkWare’s first paid project in 2019 and 2020 focused on a post-quantum secure, scalable ZK-STARK system for Ethereum. He said the work aimed to help Ethereum scale and become more ready for future quantum security risks.

He also pointed to StarkWare’s later choices, including STARKs, Cairo, zkVM work, native account abstraction and Bitcoin scaling. He said those choices were not always popular and were sometimes viewed as “misaligned.” Ben-Sasson said he was glad the team made them because he sees them as the right technical decisions.

Exits and funding worries add pressure

His comments came during a tense period for the Ethereum Foundation. As previously reported by crypto.news, Hsiao-Wei Wang stepped down as co-executive director and board member after returning from a sabbatical. Her exit followed other staff changes and came after Tomasz Stańczak also left a co-executive director role.

The debate also includes funding concerns. Former Ethereum Foundation contributor Trent Van Epps warned that Ethereum core development could face a funding gap within three to nine months. He linked that risk to spending cuts and the end of the Client Incentive Program. Tom Lee later rejected that warning, saying there was “zero chance” of such a crisis.

Merit versus alignment becomes the issue

Ben-Sasson’s main point centered on how Ethereum should judge teams and ideas. He said the ecosystem placed too much weight on whether teams appeared aligned or misaligned. He argued that technical merit should matter more than social labels or political positioning.

“As part of the ecosystem and supporter of all things crypto, I hope the new system that will arise will give a lot of weight to merit and technology, and less for alignment,” Ben-Sasson wrote. 

He added that he would want to work more closely with that system if it moved in that direction.

That framing also answers past complaints that StarkWare moved outside Ethereum’s preferred path. In his view, useful engineering can start outside consensus and still become part of the broader stack later. The post did not propose a formal governance plan for the wider ecosystem.

His comments place StarkWare’s experience inside a wider Ethereum governance debate. Layer-2 teams depend on Ethereum, but they also make independent technical choices. That can create tension when foundation priorities, roadmap work and community expectations do not move at the same pace.

Toss Bank has signed a memorandum of understanding with the Solana Foundation to test blockchain-based global remittance and settlement infrastructure. 

The agreement was signed in Seoul on June 19 and disclosed on June 22, according to Digital Today.

The bank called the deal the first direct one-to-one strategic partnership between a South Korean internet-only bank and the Solana Foundation. The two sides will study how the Solana network can support overseas transfers, payments and later digital asset services.

Remittance test leads cooperation

The first area of work will be a proof of concept for global remittances and settlement. Toss Bank plans to test whether stablecoins can make overseas transfers faster and easier while keeping the service close to existing banking flows.

Toss Bank said the cooperation covers a joint review of blockchain-based payment and settlement models. It will also assess future financial services linked to stablecoins, digital assets and tokenized assets. Park Jin-hyeon, head of strategy at Toss Bank, said the deal was a “starting point” for applying blockchain-based financial infrastructure to services the bank already runs.

South Korea rules shape timing

The timing links the Toss Bank plan to South Korea’s changing digital asset rules. As crypto.news recently reported, South Korea is considering whether fintech firms should join a new licensing regime for cross-border virtual asset transfers due to take effect in December.

That policy shift may matter for banks and fintech firms testing blockchain remittances. Approved firms could offer blockchain-based overseas transfers and foreign exchange services under formal oversight. Toss Bank said it will review its plans while responding to domestic moves to legislate stablecoin-related rules.

Stablecoin pilots move into banking

The Toss Bank deal follows other bank-linked stablecoin tests in Asia. As crypto.news earlier reported, KB Financial tested won stablecoin issuance, offline QR payments, merchant settlement and Vietnam remittances. The Vietnam transfer finished in under three minutes and cut fees by about 87%, according to that report.

Meanwhile, stablecoin remittance trials are also expanding beyond Korea. As previously reported by crypto.news, Japan’s SBI Remit partnered with Fasset to build cross-border stablecoin infrastructure for remittances, payments and settlements across international markets.

Toss has already shown interest in blockchain beyond remittances. Crypto.news reported in April that the broader Toss group had been weighing a custom Layer 1 or Layer 2 blockchain and a native token for its “Money 3.0” stablecoin strategy. The Solana MOU gives Toss Bank a separate path to test public blockchain infrastructure before any broader rollout.

Solana gains payment use case

For Solana, the partnership adds another financial institution to its payments and stablecoin work. As crypto.news reported in May, Western Union launched USDPT on Solana, using the network for a regulated payment stablecoin tied to settlement and future customer services.

Lily Liu, chair of the Solana Foundation, said the partnership could help create a “new standard” for faster and smoother global remittances by combining bank trust with blockchain efficiency. The statement places the project inside a broader market shift toward stablecoin settlement, where banks, payment firms and fintech companies are testing faster cross-border rails.

The MOU does not mean Toss Bank has launched a live stablecoin remittance service. It starts with testing and feasibility reviews. The main questions now are whether the proof of concept can meet Korean regulatory standards, reduce transfer friction and fit into Toss Bank’s existing financial services. No public launch date has been announced yet.

Bitcoin started the week drifting near $64,000, sitting out a rally in Asian equities as the US and Iran moved closer to a lasting peace deal.

The token traded around $63,996 on Monday, down 0.4% over 24 hours and 2.2% on the week, per CoinDesk data. The rest of the market was mixed. Solana rose 3.7% on the week to $74 and tron added 2.2%, while ether held roughly flat at $1,733. The losses ran deeper down the board, with BNB off 4.2% on the week, XRP down 4.3% to $1.13 and dogecoin the weakest major, off 6.5%. Hyperliquid’s HYPE, the standout of early June, fell 5% on the day and has cooled to a 1.9% weekly gain.

The macro backdrop turned friendlier without pulling crypto along. The US and Iran agreed on a roadmap toward a final peace deal within 60 days, and Brent crude slid 1.7% to about $79 a barrel.

An MSCI gauge of Asian stocks rose 0.6%, led by a technology rally tied to continued optimism over artificial intelligence, while US futures were softer, with S&P 500 contracts down 0.5%.

Cardano founder Charles Hoskinson has defended recent AI content tests after users criticized an AI-generated post shared through Input Output’s X account. 

The discussion followed his June 20 post titled “AI Slop, IOG X, and the Future of Marketing,” where he addressed how the team is testing new tools for communication.

Hoskinson said the AI-generated influencer came from work around Midnight City and was shared in good faith. He said the goal was to show what new systems can do, not to replace people or mislead the community. The response showed that parts of the Cardano audience remain careful about synthetic media.

An attacker exploited an “infinite mint” vulnerability in a smart contract on the Secret Network, creating wrapped Axelar assets without proper backing. The incident resulted in a reported $4.67 million loss, according to blockchain research firm Common Prefix.

The breach occurred on June 10 but was identified a week later, on June 17, after a failed cross-chain transaction triggered an “insufficient funds” error tied to the drained account, Common Prefix said in a report released Friday. The funds were then routed to Ethereum and distributed across multiple wallets before being moved to exchanges, the firm added.

Key takeaways

• Common Prefix attributes the $4.67 million exploit to an infinite-mint flaw in a Secret Network contract that minted unbacked Axelar-wrapped tokens.
• The issue was traced to missing verification of the source of inbound transfers before minting, allowing forged deposits on an attacker-controlled channel.
• Wrapped assets affected included saUSDT, saUSDC, saDAI, saWETH, saWBTC, saWBNB and sawstETH.
• Secret Network said holders of Axelar-bridged saXXX tokens may face loss, while both Secret and Axelar emphasized that Secret’s token SCRT and Axelar’s infrastructure were not directly compromised.

How the exploit worked on Secret’s Axelar bridge

Secret Network is a privacy-focused layer-1 blockchain built on the Cosmos ecosystem. Axelar, meanwhile, is designed to enable interoperability between different blockchain networks. The exploit targeted a smart contract handling Axelar-wrapped assets on Secret, where wrapped “saTokens” are expected to represent collateral held in escrow.

Common Prefix reported that the contract failed to verify the provenance of inbound transfers before minting. As a result, the attacker could “forge” deposits over an attacker-controlled channel, triggering the minting of “genuine saTokens with no assets backing them,” the firm said.

After minting, the attacker redeemed the Axelar-wrapped assets back through legitimate channels. Common Prefix said the redemption drained the real Axelar-wrapped assets held in escrow, converting the unbacked representations into backed value.

Timeline and discovery: from June 10 to June 17

While the exploit itself took place on June 10, the crucial indicator of trouble appeared later. Common Prefix said the breach was discovered on June 17 after a cross-chain transaction failed due to an “insufficient funds” error connected to the account that had been drained.

This delay matters for users because it highlights how bridge or escrow-related systems can continue operating normally—or at least not immediately signal obvious failures—until specific downstream actions surface the shortfall. In practice, that can mean the window between minting and detection may be long enough for assets to be redistributed before investigators fully connect the dots.

Where the stolen funds went

Common Prefix reported that after exploiting the wrapped tokens, the attacker moved the assets to the Ethereum blockchain and converted them to Ether (ETH). The firm also said the attacker split the proceeds among roughly 30 wallets.

Those wallets were then used to move funds into exchanges, including KuCoin, ChangeNow, and HitBTC, according to the report. The multi-wallet approach is a common tactic in laundering activity, aimed at complicating tracing by breaking up transaction flows and distribution patterns.

Which tokens were affected—and what Secret said to users

The affected Axelar-wrapped assets minted without backing included saUSDT, saUSDC, saDAI, saWETH, saWBTC, saWBNB and sawstETH. Common Prefix emphasized that the backing of these tokens was compromised, meaning token holders may not be able to redeem them for their intended collateral.

On Saturday, Secret Network issued a security notice stating that holders of Axelar-bridged saXXX tokens on Secret should expect their backing to be affected and that their funds “may be lost.”

Secret’s own native token, Secret (SCRT), was not reported as impacted by the incident. However, the notice underscores that this was not a general compromise of the network itself, but a targeted weakness in the minting path for specific bridged assets.

Axelar’s response: not compromised, firewall contained impact

Axelar acknowledged the incident on Saturday after “some confusion” emerged around the breach. In its statement, Axelar said neither Axelar nor IBC (Inter-Blockchain Communication) was compromised.

Axelar added that the exploited token smart contract “was not developed, deployed, or maintained by Axelar,” and that Axelar’s firewalling prevented the impact from spreading to other chains.

For investors and builders, the distinction is significant: it narrows the likely source of failure to the contract logic on the Secret side rather than Axelar’s core interoperability infrastructure. Even so, cross-chain systems remain tightly coupled through assumptions about escrow, message integrity, and minting verification—exactly where this exploit appears to have broken those assumptions.

Part of a wider wave of protocol attacks

This breach arrives amid a broader pattern of cross-chain and protocol exploitation. Common Prefix noted it is among a series of hacks and exploits occurring this month, with at least 22 incidents reported by DeFiLlama’s ongoing hack tracking.

Within that same recent period, other reported bridge-related losses included Humanity Protocol and Syscoin Bridge, which earlier this month suffered reported losses of $32 million and $8 million respectively, according to coverage referenced in Common Prefix’s context.

While each event has its own root cause, the recurring theme is similar: many of the highest-value failures occur where bridging logic meets asset accounting—especially when systems mint representations based on messages or deposits that are not strongly authenticated end-to-end.

Going forward, users holding affected saTokens should watch for further announcements from Secret and for any guidance on whether and how remaining balances can be redeemed. The key open question is how quickly and completely the affected minting pathway can be audited and patched—because in cross-chain ecosystems, even small verification gaps can translate into real, backed-value drains once an attacker finds a redemption route.

An attacker has used an “infinite mint” bug in a vulnerable smart contract on the Secret Network to create unbacked, wrapped versions of Axelar-wrapped assets, resulting in a $4.67 million exploit. 

The exploit happened on June 10 but was discovered a week later on June 17, after a failed cross-chain transaction caused by an “insufficient funds” error in the drained account was detected, blockchain research firm Common Prefix reported on Friday.

The attacker redeemed the Axelar-wrapped assets (saTokens) back over legitimate channels to drain the real Axelar-wrapped assets held in escrow because the smart contract did not verify the source of the inbound transfer before minting, so “deposits forged over an attacker-controlled channel minted genuine saTokens with no assets backing them,” Common Prefix said.

It is the latest in a series of crypto protocol hacks and exploits this month, which now number at least 22, according to DeFiLlama. The Secret Network was one of the largest, behind the Humanity Protocol and Syscoin Bridge, which lost $32 million and $8 million, respectively, earlier this month.

The Secret Network is a privacy-focused, layer-1 blockchain built on the Cosmos ecosystem, and Axelar is a decentralized interoperability network that connects different blockchain ecosystems.

The Axelar-wrapped assets minted without backing in the exploit included saUSDT, saUSDC, saDAI, saWETH, saWBTC, saWBNB and sawstETH.

Related: Aztec Connect’s abandoned smart contract exploited for $2.1M

The attacker moved the exploited assets to the Ethereum blockchain and converted them to Ether (ETH). They then split the haul between around 30 wallets, eventually depositing the funds into exchanges including KuCoin, ChangeNow, and HitBTC, according to Common Prefix.

“If you hold Axelar-bridged saXXX tokens on Secret, please be aware their backing was affected, and your funds may be lost,” the Secret Network said on Saturday. 

Stolen funds split into multiple wallets for obfuscation. Source: Common Prefix

The Secret Network’s token, Secret (SCRT), was not impacted by the incident, but it remains down 99% from its 2021 all-time high, currently trading at $0.058. Axelar’s native token, Axelar (AXL), is in a similar state, trading at $0.045, down 98% from its 2024 peak. 

Axelar posted a confirmation on Saturday following “some confusion” around the incident.

“Neither Axelar nor IBC [Inter-Blockchain Communication] was compromised. The exploited token smart contract was not developed, deployed, or maintained by Axelar. Axelar’s firewalling prevented the impact from spreading to other chains,” it said. 

Magazine: Bitcoin decouples from tech stocks, Ether eyes ‘selling wave’: Market Moves