Bedrock, a multi-asset liquid staking protocol, has fallen victim to a security exploit. The incident resulted in the loss of approximately $2 million in assets. Hackers targeted uniBTC, a synthetic Bitcoin token used in decentralized finance.
This is the third consecutive hack in the recent days, following BingX 50$ million breach and Truflation $4.6m Malware Attack.
Now it's Bedrock's turn. The protocol confirmed the breach on September 27 via a post on X. The company stated that the root cause of the exploit had been "handled".
Bedrock reassured users that all remaining funds were safe. The protocol plans to issue a reimbursement plan soon. "A comprehensive reimbursement plan is being finalized," Bedrock said, adding that a post-mortem report would follow.
Most losses occurred in decentralized exchange liquidity pools. Bedrock clarified that underlying wrapped BTC tokens and standard Bitcoin held in reserves remained secure.
Launched in February 2023, Bedrock is operated by Singapore-based blockchain firm RockX. The protocol offers synthetic representations of major blockchain tokens, including uniBTC, uniETH, and uniIOTX. Bedrock aims to attract institutional investors with large capital to liquid staking. The platform prioritizes strict Know Your Customer and Anti-Money Laundering compliance.
Data from DefiLlama shows Bedrock as the eighth-largest liquid staking protocol with over $240 million in total value locked (TVL) on its platform.
Liquid restaking has grown rapidly in the crypto industry. The sector emerged following the launch of ETH restaking protocol Eigenlayer in April.
Liquid restaking protocols now boast over $11.4 billion in TVL. Eigenlayer itself has more than $12.1 billion in TVL on its mainnet.
The Bedrock incident highlights ongoing security challenges in the crypto industry. It underscores the need for robust protection measures in decentralized finance protocols.