Across Protocol Solana Attack, Restores Deposits Within Hours
0
0

Across Protocol Solana Attack Hits Relayer, Not Users
Across Protocol was hit by an attack on its deployment at approximately 5:30 AM UTC on July 17, 2026. User funds were safe, no users were affected, and all bridge transactions had already been completed by the time the issue was contained. As a containment step, deposits were disabled while every other part of the network continued operating normally. In the Across Protocol Solana attack, user funds remained safe, and any needed refunds would process automatically. The community was also warned about phishing links circulating around the incident.

Source: X @acrossprotocol
How the Solana Attack Affected the Relayer, Not Users
The only funds potentially lost belonged to the relayer operated by Risk Labs, the foundation supporting the protocol.
Across runs on an intent-based model where relayers front their own capital to fill user transfers instantly and get repaid later through Ethereum settlement.
Users never hand custody of funds to a pooled contract that can be drained.
All in-flight bridge transactions were completed for users.
Three attacker-linked wallet addresses were published, one on network and two on EVM chains.
The trace is being coordinated with SEAL 911, the industry's emergency response network for live security incidents.
Across Restores Solana Deposits and Resumes Normal Operations
In a further update on the Across Protocol Solana attack, Across confirmed that network deposits have been re-enabled and that the platform is fully operational again. The team repeated that no user funds were lost and that all in-flight transfers were either completed or fully refunded. Relayer losses, it said, stayed contained to Risk Labs and do not affect the protocol or its users going forward.

Source: @AcrossProtocol X
ACX Token Buyout Remains on Track Despite the Security Incident
The ACX token buyout tied to its planned shift toward a US-based C-corp structure remains unaffected by this incident.
ACX holders can exchange tokens for equity in the new entity or sell ACX for USDC at a premium price.
The buyout window runs for six months.
The statement was aimed at addressing investor concerns and reinforcing that the incident does not change the Platform broader stability or roadmap.
What's Next for The Platform After the Attack?
Across said a full technical report covering the exploit mechanism and the size of the relayer's loss will follow in the coming days. The investigation with SEAL 911 continues on the Across Protocol Solana attack, and the team has not yet disclosed the exact attack vector.
ACX 24-Hour Market Reaction
Metric | Value |
Price | $0.04240 |
24H Change | +3.45% |
Market Cap | $29.87M |
24H Volume | $1.77M (+28.07%) |
Source: coinmarketcap data
ACX held its ground through the incident, trading slightly higher over the past 24 hours with a noticeable pickup in trading volume, rather than showing the sharp drop typically seen after a bridge security event.
Conclusion
It's first disclosed security incident on Solana was contained to the Risk Labs relayer, with the team confirming no user funds were lost, all transfers completed or refunded, deposits were restored the same day, and the ACX buyout plan unaffected. A full post-mortem is still pending, and the story continues to develop as the investigation moves forward on Across Protocol Solana attack
Disclaimer
This article is for educational and informational purposes only and should not be considered financial or investment advice. Always conduct your own research before making investment decisions.
0
0
Securely connect the portfolio you’re using to start.






