{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/state-overwrite/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["MezoBridge"],"_cs_severities":["medium"],"_cs_tags":["blockchain","smart-contract","bridge","state-overwrite"],"_cs_type":"advisory","_cs_vendors":["Ethereum"],
"content_html":"\u003cp\u003eA critical vulnerability in the Mezo bridge allows a malicious actor to drain all ERC-20 tokens locked in the Layer 1 (L1) bridge without reducing the bridged balance on the Mezo network. The attack exploits an asymmetry in how the \u003ccode\u003ebridgeOut\u003c/code\u003e precompile handles BTC and ERC-20 tokens: the ERC-20 burn runs in an inner StateDB, and the outer StateDB later overwrites the burned slots with stale pre-burn values at commit time. This restores the attacker\u0026rsquo;s balance and allowance while the \u003ccode\u003eAssetsUnlocked\u003c/code\u003e event has already been persisted to the bridge store. The Ethereum sidecar observes that event, attests the unlock on L1, and releases real tokens to the attacker, who can repeat the drain every block. The issue was found in the Mezo EVM and affects ERC-20 token bridging. A fixed version of the validator client has been deployed.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker deploys a crafted contract on the Mezo network that interacts with the \u003ccode\u003ebridgeOut\u003c/code\u003e precompile.\u003c/li\u003e\n\u003cli\u003eThe contract calls \u003ccode\u003ebridgeOut\u003c/code\u003e with an ERC-20 token. The precompile invokes \u003ccode\u003eburnERC20\u003c/code\u003e through \u003ccode\u003eExecuteContractCall\u003c/code\u003e, which creates an inner StateDB in which the burn executes.\u003c/li\u003e\n\u003cli\u003eWithin the inner StateDB, \u003ccode\u003eburnFrom\u003c/code\u003e decreases the balance, supply, and allowance slots of the ERC-20 token.\u003c/li\u003e\n\u003cli\u003eThe inner StateDB commits its changes to a cached context (\u003ccode\u003ecachedCtx\u003c/code\u003e) but does not propagate them to the outer StateDB\u0026rsquo;s \u003ccode\u003edirtyStorage\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eIn the same transaction the attacker calls \u003ccode\u003etransfer(sink, 1)\u003c/code\u003e on the token. The outer StateDB loads the stale pre-burn balance from the base context (\u003ccode\u003ebaseCtx\u003c/code\u003e) and marks the slot dirty.\u003c/li\u003e\n\u003cli\u003eThe outer StateDB\u0026rsquo;s \u003ccode\u003edirtyStorage\u003c/code\u003e now holds the pre-burn allowance and stale balance, while the \u003ccode\u003eAssetsUnlockedEvent\u003c/code\u003e has already been persisted to the bridge module\u0026rsquo;s KV store.\u003c/li\u003e\n\u003cli\u003eWhen \u003ccode\u003eStateDB.Commit()\u003c/code\u003e runs, the stale allowance and balance slots in \u003ccode\u003edirtyStorage\u003c/code\u003e overwrite the zeroed values written by the inner burn, erasing the burn.\u003c/li\u003e\n\u003cli\u003eThe Ethereum sidecar observes the \u003ccode\u003eAssetsUnlockedEvent\u003c/code\u003e and calls \u003ccode\u003eAttestBridgeOut\u003c/code\u003e on the L1 MezoBridge contract, which releases real tokens to the attacker\u0026rsquo;s L1 address. The attacker still holds the tokens on Mezo and repeats the cycle each block to drain the bridge.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis vulnerability poses a critical risk to the Mezo bridge: approximately $1,753,958.40 USD worth of assets held on the L1 bridge could be stolen. An attacker can repeatedly drain ERC-20 tokens, including cbBTC, T, USDC, USDT, xSolvBTC, SolvBTC, FunctionBTC, USDe, swBTC, and DAI, while keeping the corresponding balance on Mezo. The exploit undermines the integrity and trustworthiness of the Mezo bridge and of the assets locked in it.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAlert on Mezo transactions that call the \u003ccode\u003ebridgeOut\u003c/code\u003e precompile with an ERC-20 token and, in the same transaction, move that token again from the same sender; a successful burn followed by a successful transfer of the burned balance is the signature of the stale overwrite.\u003c/li\u003e\n\u003cli\u003eMonitor the Ethereum L1 MezoBridge contract (0xF6680EA3b480cA2b72D96ea13cCAF2cFd8e6908c) for unexpected or anomalous withdrawal patterns, in particular repeated \u003ccode\u003eAttestBridgeOut\u003c/code\u003e releases to the same recipient across consecutive blocks.\u003c/li\u003e\n\u003cli\u003eBefore attesting an unlock on L1, reconcile each \u003ccode\u003eAssetsUnlockedEvent\u003c/code\u003e with the token state on Mezo: the recipient\u0026rsquo;s balance, the allowance, and the total supply must have decreased by the unlocked amount (see \u003ccode\u003ex/bridge/keeper/assets_unlocked.go:104-163\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eLog EVM state changes, particularly in \u003ccode\u003eCommit()\u003c/code\u003e at \u003ccode\u003ex/evm/statedb/statedb.go:677-684\u003c/code\u003e, so that a dirty slot overwriting a value written by an inner commit in the same transaction can be detected.\u003c/li\u003e\n\u003c/ul\u003e\n",
"date_modified":"2026-05-06T19:57:36Z","date_published":"2026-05-06T19:57:36Z","id":"/briefs/2026-05-mezo-l1-bridge-drain/","summary":"A stale StateDB overwrite in the Mezo EVM lets a malicious user fully drain ERC-20 tokens locked in the L1 bridge without reducing the bridged balance on Mezo.","title":"Mezo L1 Bridge Vulnerability Leads to Potential ERC-20 Drain","url":"https://feed.craftedsignal.io/briefs/2026-05-mezo-l1-bridge-drain/"}],"language":"en","title":"CraftedSignal Threat Feed — State-Overwrite","version":"https://jsonfeed.org/version/1.1"}
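The attack chain and the pre-attestation reconciliation check from the advisory above, as an added Go model. This is example code written for this page, not CraftedSignal's or Mezo's code: the storage is a flat key/value layout, the names Layer, bridgeOut, runTx and reconcile are assumptions, and the `propagate=true` branch is an illustrative fix rather than Mezo's actual patch. The advisory's cachedCtx, baseCtx and dirtyStorage are all modeled as the same overlay type so that the only thing left to see is the write-back order: inner commit into cachedCtx, cachedCtx into baseCtx, then the outer StateDB.Commit() with its stale slots.

```go
package main

import "fmt"

// Layer is a copy-on-write overlay: reads fall through to the parent, writes stay
// here until Commit() flushes them one level down (models cachedCtx and dirtyStorage).
type Layer struct {
	parent *Layer
	kv     map[string]uint64
}

func NewLayer(parent *Layer) *Layer { return &Layer{parent: parent, kv: map[string]uint64{}} }
func (l *Layer) Set(k string, v uint64) { l.kv[k] = v }
func (l *Layer) Get(k string) uint64 {
	if v, ok := l.kv[k]; ok || l.parent == nil {
		return v // v is 0 when the slot is unset and there is no parent
	}
	return l.parent.Get(k)
}
func (l *Layer) Commit() {
	for k, v := range l.kv {
		l.parent.Set(k, v)
	}
}

// AssetsUnlocked is the bridge-store event the L1 sidecar attests.
type AssetsUnlocked struct {
	Recipient string
	Amount    uint64
}

const attacker, sink, supplyKey = "attacker", "sink", "erc20/supply"
func balKey(a string) string   { return "erc20/balance/" + a }
func allowKey(o string) string { return "erc20/allowance/" + o + "/bridge" }

// sub decrements a slot, failing as an ERC-20 require() does on underflow.
func sub(db *Layer, k string, amt uint64) error {
	if db.Get(k) < amt {
		return fmt.Errorf("insufficient %s", k)
	}
	db.Set(k, db.Get(k)-amt)
	return nil
}

// bridgeOut models the precompile: ExecuteContractCall runs burnFrom in an inner
// StateDB over a branched cachedCtx, then records the unlock event. propagate=false
// reproduces the advisory; propagate=true is an illustrative fix, not Mezo's patch.
func bridgeOut(outer *Layer, events *[]AssetsUnlocked, amt uint64, propagate bool) (*Layer, error) {
	cachedCtx := NewLayer(outer.parent) // branch of baseCtx, beside the outer StateDB
	inner := NewLayer(cachedCtx)
	for _, k := range []string{balKey(attacker), allowKey(attacker), supplyKey} {
		if err := sub(inner, k, amt); err != nil { // burnFrom: balance, allowance, supply
			return nil, err
		}
	}
	inner.Commit() // lands in cachedCtx only
	if propagate {
		for k, v := range cachedCtx.kv {
			outer.Set(k, v) // make the burn visible to the rest of the outer call
		}
	}
	*events = append(*events, AssetsUnlocked{Recipient: attacker, Amount: amt})
	return cachedCtx, nil
}

// runTx replays the chain: bridgeOut(100) and transfer(sink, 1) in one transaction,
// then cachedCtx write-back, then outer StateDB.Commit(). A failing call reverts all.
func runTx(propagate bool) (balanceAfter, supplyAfter uint64, events []AssetsUnlocked, err error) {
	baseCtx := NewLayer(nil)
	for _, k := range []string{balKey(attacker), allowKey(attacker), supplyKey} {
		baseCtx.Set(k, 100)
	}
	outer := NewLayer(baseCtx) // the outer StateDB's dirtyStorage
	cachedCtx, err := bridgeOut(outer, &events, 100, propagate)
	if err != nil {
		return 0, 0, nil, err
	}
	// Without propagation outer still reads the pre-burn 100 from baseCtx: transfer succeeds.
	if err := sub(outer, balKey(attacker), 1); err != nil {
		return 0, 0, nil, fmt.Errorf("transfer reverted: %w", err)
	}
	outer.Set(balKey(sink), outer.Get(balKey(sink))+1)
	cachedCtx.Commit() // burn reaches baseCtx: balance 0, allowance 0, supply 0
	outer.Commit()     // stale dirtyStorage overwrites the balance slot with 99
	return baseCtx.Get(balKey(attacker)), baseCtx.Get(supplyKey), events, nil
}

// reconcile is the pre-attestation check the advisory recommends: an unlock is
// only backed if the recipient's bridged balance fell by at least its amount.
func reconcile(events []AssetsUnlocked, balanceBefore, balanceAfter uint64) []string {
	var alerts []string
	for _, e := range events {
		if burned := int64(balanceBefore) - int64(balanceAfter); burned < int64(e.Amount) {
			alerts = append(alerts, fmt.Sprintf("unlock of %d for %s, but balance fell by %d", e.Amount, e.Recipient, burned))
		}
	}
	return alerts
}
```

`runTx(false)` leaves the attacker with 99 tokens and a supply of 0 on Mezo while one AssetsUnlocked event for 100 is persisted; `reconcile` flags it because the balance fell by 1 rather than 100, which is the check a sidecar should run before calling AttestBridgeOut. With `propagate=true` the outer StateDB sees the burned balance, the `transfer(sink, 1)` reverts, and no event survives.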