
Key Takeaways

  • The Incident: Garden Finance lost ~$11 million due to a compromised solver.
  • The Cause: A single algorithm responsible for cross-chain transactions was breached.
  • The Controversy: Security researchers question whether the solver was truly autonomous or whether this was an internal infrastructure failure.
  • Next Steps: 10% bounty offered for return of funds; external audit engaged. 

A blockchain-bridge company called Garden Finance has admitted that one of its solvers was compromised, leading to an exploit that allowed attackers to steal assets worth around US$11 million.

What is a "solver" in DeFi?

A “solver” in this context is an algorithm or trading agent that carries out cross-chain transactions on behalf of the bridge protocol. Solvers maintain some funds (usually their own, not the users’) to be able to quickly execute trades and bridge assets between blockchains. According to Garden, user funds were not affected. The company says the vulnerability was isolated to just that one solver and, as a result, they temporarily shut down their application to prevent further issues.

Is the "hack" narrative being questioned?

Shortly after the disclosure, a well-known blockchain security researcher, ZachXBT, questioned Garden’s narrative. He suggested that the compromised solver may not have been truly autonomous, i.e., not independent of Garden’s internal infrastructure, implying that the risk might stem from mismanagement or internal error rather than an external breach. In response to the theft, Garden publicly offered a 10% “bounty” reward to the attacker, contingent on the full return of the stolen funds and on the attacker helping them to understand the root cause of the exploit.

What are the next steps for Garden Finance?

Garden’s co-founder reiterated that the protocol itself remains unaffected and maintains that the design’s “trustless” nature is intact. They also announced plans to engage external security experts to investigate the breach, identify its origin, and bolster protections going forward.

Meanwhile, the breach triggered debates in the crypto community around the risks associated with solvers, especially in terms of how much trust is placed in these entities to operate correctly and independently. Some argue decentralised finance (DeFi) protocols must increase transparency and decentralisation of their operational agents to avoid similar failures. 
