For years, users looking to speed up their transactions on the Bitcoin blockchain relied on a handy optional feature that essentially says, “I might want to replace this transaction with a higher fee.”

But what started as a helpful tool has become redundant and a small privacy issue, prompting some developers to discuss possible ways to do away with it.

Let’s first take a look at the so-called replace-by-fee (RBF) signaling, then discuss the developers’ proposals.

Replace by fee (RBF) signaling

Imagine sending a paper check through the mail, but the postal system is stretched and congested. To ensure your payment doesn’t get stuck, the check has a small checkbox that says, “I reserve the right to cancel this check and write a new one with a higher rush fee if it gets delayed.” (The higher fee, of course, is an incentive for the postal system to prioritize your transaction.)

Such a feature is called Replace-by-Fee (RBF) in the Bitcoin ecosystem. For years, when you sent bitcoin, your wallet let you flip a switch, signaling to the network that you might want to “fee-bump” to speed up your transaction later.

Altura will begin winding down its stablecoin yield vault after a sharp rise in withdrawal requests over the weekend. 

CEO Ranveer Arora said the protocol processed more than 8.5 million USDT in instant redemptions over 24 hours before deciding to close the vault in an orderly way.

Arora said the team made the move because of “sustained withdrawal demand and current market sentiment.” He added that Altura’s priority was user capital and that the team wanted all redemptions completed in a “fair, transparent, and efficient manner.” The announcement marks a sharp change for a vault built around stablecoin yield on HyperEVM.

Altura stablecoin vault positions now being unwound

Altura has notified counterparties and partners about the decision and started unwinding positions across the vault portfolio. Arora said those positions include allocations held on exchanges, private credit opportunities and real-world asset strategies.

Some positions can return capital quickly, while others need standard settlement and redemption periods. Arora said the team is working with counterparties to speed up the process where possible, and that capital will return to users as underlying positions are redeemed. He said the team will keep posting updates as more liquidity becomes available.

Main Street depeg fuels market concern

The wind-down followed wider concern across yield-bearing stablecoin markets after Main Street’s MSUSD lost its peg. The token fell sharply after Accountable, its proof-of-solvency provider, ended its service agreement with MainStreet and said the project was “unable to meet our verification standards.”

MainStreet later said its assets remained fully backed and blamed the market stress on the shutdown of a third-party proof-of-reserves dashboard. As previously reported by crypto.news, MSUSD traded far below its intended $1 peg while lending liquidity on the Morpho msY/USDC market tightened.

Altura blames misinformation and speculation

Altura said earlier that it had no direct exposure to Main Street or its strategies. It also said its HyperEVM lending vault, Alpha USDT Prime, the related USDT/AVLT market and borrowers using its Ethereum vault remained unaffected by the Main Street event.

Arora said Altura had worked around the clock through the weekend to process withdrawals and speak with partners and users. He criticized what he called “misinformation and speculation,” saying unfounded narratives had added to market fear and withdrawal pressure.

Stablecoin vault risks return to focus

DefiLlama data showed Altura with about $32.36 million in total value locked on Hyperliquid L1, with one tracked yield pool and an average APY near 17.49%. The vault had reached a peak total value locked of about $39 million on HyperEVM.

The case comes as demand for tokenized real-world asset and stablecoin yield products grows. Crypto.news recently reported that Plume and Ether.fi launched a $100 million yield-bearing RWA vault, while separate coverage of MSUSD showed how a proof-of-reserves dispute can quickly move into wider liquidity concerns.

Altura said it will keep giving updates as redemptions progress and new liquidity becomes available. For users, the main questions now are the speed of settlements, how much capital returns in each stage and whether the process can avoid rushed sales of slower portfolio positions. The protocol has not set a final completion date, leaving the redemption timeline tied to each position’s settlement terms.

Taiko has urged users to withdraw funds from all bridges deployed on its network after confirming a compromise of its chain state verification mechanism. 

The Ethereum Layer 2 project said the security assumptions behind its bridge system could no longer be relied upon.

The notice followed alerts from blockchain security firm Blockaid, which said its exploit detection system found an ongoing attack on Taiko’s ERC20 Vault on Ethereum. Blockaid put losses at more than $1 million and shared the victim contract, attacker wallet and exploit transactions.

Blockaid points to Taiko proof validation flaw

Blockaid said the likely root cause was a flaw in Taiko bridge source-signal proof validation. The firm said crafted message proofs were accepted as valid on Ethereum L1 even though there were no matching legitimate “MessageSent” events on the Taiko source chain.

That allowed the attacker to register and later retrieve fraudulent bridge messages, leading to unauthorized asset releases from the ERC20 vault. Taiko later confirmed a broader verification problem and said it was working with the Security Council and ecosystem partners.

Moreover, Taiko also said all proposers had temporarily stopped producing new blocks while the team investigates and resolves the issue. The project asked centralized exchanges to suspend TAIKO deposits immediately and said deposits should resume only after an official notice.

The team published several attacker addresses as part of its update. It said it would take technical and legal steps where needed, but did not give a timeline for restoring bridge security or restarting block production.

Bridge risks remain in focus

Taiko is a Type 1 Ethereum-equivalent ZK-EVM rollup designed as a based rollup, where Ethereum L1 validators are expected to help order transactions. The network launched mainnet in May 2024 and supports Ethereum-compatible smart contracts and tools.

Meanwhile, crypto.news recently reported that cross-chain bridge exploits caused $28.6 million in May losses, or about 42% of that month’s total reported by CertiK.

The incident comes after other cross-chain security failures this year. As previously reported by crypto.news, Verus Protocol’s Ethereum bridge lost more than $11.5 million in a forged-transfer exploit, while Axelar disabled Secret Network bridge routes after a $4.7 million exploit.

Moreover, as crypto.news earlier reported, an old Aztec Connect contract lost about $2.1 million after a verification mismatch let unbacked balances move through Ethereum settlement records.

Taiko, an Ethereum layer-2 blockchain, has urged its users to withdraw assets from the network’s bridges after an exploit on one of its bridge protocols saw attackers make off with $1.7 million in the latest decentralized finance hack this month. 

“We have confirmed a compromise of Taiko’s chain state verification mechanism,”   Taiko posted to X early on Monday. “As a result, the security assumptions of all bridges deployed on Taiko can no longer be relied upon.”

“We strongly advise all users to withdraw their funds from all bridges deployed on Taiko immediately,” it added.

It is the latest in a series of crypto protocol exploits this month, which now number at least 23, according to DeFiLlama. The Humanity Protocol and Syscoin Bridge, which lost over $30 million and $8 million, respectively, have been the largest two exploits so far in June.

Source: Taiko

Taiko said it was coordinating partners to contain the incident and had paused affected systems.

Crypto security firm Blockaid said that the root cause appears to be a flaw in how the Taiko bridge validated source signals.

It said that message proofs were accepted as valid on Ethereum without corresponding legitimate proofs on the Taiko blockchain.

“This allowed the attacker to register and later retrieve fraudulent bridge messages, resulting in unauthorized asset releases from the ERC20 vault,” Blockaid said.

Blockaid estimated that at least $1 million had been stolen, while Lookonchain and PeckShield suggested the value of assets stolen could be as high as $1.7 million.

The exploiter has already transferred 1.99 million Taiko (TAIKO) tokens worth around $189,000 to MEXC, stated PeckShield. TAIKO is currently trading down 98% from its 2024 peak at $0.084, according to CoinGecko. 

Related: Secret Network bridge exploited for $4.7M with ‘infinite mint’ bug

Blockchain intelligence firm Arkham shows Taiko exploiter wallets holding around $1.5 million, primarily in Ether (ETH). 

The Taiko exploiter account holds more than $1.5 million in ETH. Source: Arkham Intelligence

Exploits in June are mounting up

The attack comes just days after the discovery on Friday of a smart contract exploit on the Secret Network, which resulted in the theft of $4.67 million worth of assets. 

On Saturday, around $1.1 million was drained from the OLPC/LABUBU liquidity pool on PancakeSwap. LABUBU is a memecoin inspired by the popular toys of the same name.

Other notable exploits in June include Aztec Connect, RetoSwap, Raydium AMM, and the largest one so far this month, Humanity Protocol. 

Magazine: Bitcoin decouples from tech stocks, Ether eyes ‘selling wave’: Market Moves

XRP briefly broke below a closely watched support level on Sunday before buyers stepped in.

The token fell to roughly $1.12 on some of the session’s heaviest volume, then rebounded toward $1.15 within hours, leaving traders focused less on the decline itself and more on whether the latest test of support signals accumulation or another pause in a broader downtrend.

News Background

• XRP continues to trade inside the same broad $1.10-$1.30 range that has contained price action for most of June.

• Analysts remain split between viewing the range as a base-building phase and a continuation pattern within a larger downtrend.

Price Action Summary

• XRP fell from $1.1451 to $1.1383 during the 24-hour session, a decline of roughly 0.6%.

• Selling accelerated around 21:00 UTC when volume surged to 85.8 million XRP, pushing price down to a session low near $1.1213.

• Buyers quickly absorbed the move, driving XRP back toward $1.148 and recovering most of the breakdown before consolidation set in.

Technical Analysis

• The initial break below $1.1385 looked significant, particularly because it occurred on the largest volume spike of the session.

An attacker exploited an “infinite mint” vulnerability in a smart contract on Secret Network to create wrapped versions of Axelar-backed assets without the normal backing. According to Common Prefix, the resulting loss reached $4.67 million, with the incident first occurring on June 10 and later being detected on June 17 after irregularities surfaced during a failed cross-chain transfer.

The exploit relied on a flaw in how inbound transfers were handled: the contract minted genuine saTokens without verifying that the tokens being deposited originated from a legitimate source. After discovery, the attacker redeemed the forged saTokens through Axelar’s standard routes, draining the real wrapped assets held in escrow. Common Prefix reported the issue on Friday, citing on-chain findings and the sequence of redemptions.

Key takeaways

• An “infinite mint” bug on Secret Network allowed unbacked Axelar-wrapped assets (saTokens) to be minted.
• The vulnerability stemmed from missing verification of the inbound transfer source before minting, enabling forged deposits to produce real tokens.
• Common Prefix estimates the exploit’s impact at $4.67 million, with detection coming a week after the June 10 attack.
• The attacker redeemed saTokens back to the underlying assets held in escrow, then moved proceeds to Ethereum and split holdings across multiple wallets.
• Axelar said its network and IBC were not compromised, and that the affected contract was not developed or maintained by Axelar.

How the Secret Network “infinite mint” unfolded

The Secret Network incident centered on a smart contract that minted Axelar-wrapped tokens (saTokens) tied to assets held in escrow. Common Prefix’s analysis indicates the contract did not verify the source of inbound transfers prior to minting. As a result, deposits that were forged over an attacker-controlled channel could trigger minting of genuine saTokens without corresponding backing assets.

Common Prefix said the attacker then redeemed those Axelar-wrapped saTokens back through legitimate channels. Because the real wrapped assets were stored in escrow, the redemption process allowed the attacker to withdraw the backed collateral that should have corresponded to the issued tokens. In short, the breach converted what should have been a “wrapped claim” into an extractable withdrawal by breaking the token-to-collateral link at the minting stage.

Assets targeted and the size of the exploit

Common Prefix reported that multiple Axelar-wrapped tokens were minted without backing. The affected set included saUSDT, saUSDC, saDAI, saWETH, saWBTC, saWBTC? and saBNB, as well as sawstETH (as listed in Common Prefix’s report). The firm estimated the total exploit impact at $4.67 million.

Secret Network is a privacy-focused layer-1 blockchain in the Cosmos ecosystem. Axelar, meanwhile, is an interoperability network designed to connect different blockchain ecosystems. The incident highlights the risk that can arise when wrapped assets and cross-chain messaging rely on correct validation logic—especially when minting depends on the integrity of inbound transfer proofs.

Discovery, attacker movement, and where funds ended up

While the exploit happened on June 10, Common Prefix said it wasn’t detected until June 17. The delayed discovery was linked to a failed cross-chain transaction that returned an “insufficient funds” error involving the drained account. That error drew attention to the fact that tokens had likely been minted without sufficient backing.

After redemption, Common Prefix reported that the attacker moved the stolen assets to Ethereum and converted the proceeds to Ether (ETH). The firm also said the attacker split the funds across roughly 30 wallets, eventually depositing with exchanges including KuCoin, ChangeNow, and HitBTC—details that matter for monitoring and potential recovery efforts, since multi-wallet distribution can slow down tracing and enforcement.

Secret Network and Axelar respond: what was and wasn’t compromised

Secret Network posted a security incident warning, advising holders of Axelar-bridged saXXX tokens on Secret that the backing for those tokens was affected and that their funds may be lost. The warning, published after the incident became public, focused on user risk rather than suggesting that all tokens on Secret were compromised.

Axelar addressed the incident separately after “some confusion” circulated around the breach. In a post on Saturday, Axelar stated that neither Axelar nor IBC was compromised. It also said the exploited token smart contract was not developed, deployed, or maintained by Axelar, and that Axelar’s firewalling helped prevent broader impact across chains. For users and builders, the distinction matters: it suggests that the failure was contained to the contract logic on Secret’s side of the integration rather than a systemic breach across the broader Axelar interoperability stack.

Why this case fits a broader pattern of bridge and wrap exploits

Common Prefix placed the Secret Network hack in the context of a busy month for crypto exploits. According to DeFiLlama data cited in the article, crypto protocol hacks and exploits now number at least 22 for the month, reflecting continued pressure on cross-chain infrastructure and token-wrapping mechanisms.

Earlier this month, Cointelegraph reported major losses tied to other cross-chain incidents, including Humanity Protocol and Syscoin Bridge, which lost $32 million and $8 million, respectively. Together, these cases underscore a recurring theme: cross-chain systems can fail at multiple layers—message validation, escrow accounting, wrapped-token minting, and redemption logic—meaning that a vulnerability in one link can lead to direct fund drains if the surrounding checks are incomplete.

For investors and traders, the practical implication is that token “existence” on a destination chain does not always guarantee collateral backing. In the Secret Network incident, the tokens were minted in a way that broke that assumption, turning wrapped representations into potentially uncollectible claims. For developers, the bigger lesson is straightforward: minting logic that depends on inbound data must treat verification as part of the core security model, not an optional step.

Looking ahead, users holding affected saTokens on Secret should monitor Secret Network’s incident updates and any follow-on recovery or remediation announcements. Meanwhile, builders integrating interoperability routes should watch closely for contract-level fixes and updated validation requirements—because as this exploit shows, a single missing verification step can propagate into real withdrawals from escrow even when the interoperability provider itself insists it was not compromised.