Multichain (2023)

A $231M loss from the Multichain (formerly Anyswap) bridge protocol in July 2023. Unlike most major exploits, this was not a smart-contract bug per se — it was a key-management compromise so severe that the line between "exploit" and "insider exit" is unclear. The Multichain CEO Zhaojun (He Jiun) was reportedly detained by Chinese authorities in May 2023; the protocol began malfunctioning shortly after; funds left the bridges in unauthorized transactions in July.

Timeline

  • May 2023: Multichain users began reporting transactions stuck in pending state. Withdrawals delayed indefinitely.
  • May 24, 2023: Multichain team statement that "force-majeure" had affected their operations. Vague.
  • July 6–7, 2023: Large outflows from Multichain-controlled multi-party computation (MPC) addresses, draining bridge reserves across multiple chains. $231M total.
  • July 14, 2023: Multichain officially announced shutdown. Confirmed that CEO had been detained by Chinese police months earlier, taking sole control of the MPC infrastructure with him.

Root Cause

Multichain used Multi-Party Computation (MPC) signing for its bridges — keys split across multiple parties, with a threshold required to sign. The threshold was implemented in software, with each share held on infrastructure controlled by Multichain.

When the CEO was detained, his control of the keys (and the infrastructure they ran on) became operationally unilateral. There was no on-chain or institutional check.

The fund movements in July were signed with the MPC keys — meaning whoever held the keys (CEO, his family, Chinese authorities holding his devices, or someone with his credentials) had the ability to authorize withdrawals.

Exploit Path

The on-chain transactions were legitimate from the bridge's perspective. The MPC keys signed; the bridge contracts verified the signatures; funds released. No on-chain bug was exploited.

The exploit, if we call it that, was at the operational layer:

  1. MPC infrastructure centralized under one person's control (despite being labeled "multi-party").
  2. That person became unavailable / compromised.
  3. Whoever had effective control of his infrastructure could sign anything.

What an Audit Should Have Caught

A code audit would have found nothing. The bridge contracts were correct.

A security audit — one that examines the operational layer — should have flagged:

  1. MPC distribution is illusory if all parties report to one entity. Multichain's MPC was nominally multi-party but operationally single-party. The audit should ask: "if any one party (including the protocol itself) becomes adversarial, what happens?"

  2. No on-chain timelock on withdrawals. Like Ronin, Multichain had no withdrawal delay. A $231M outflow happened in hours. With even a 24-hour delay, community response (legal action, governance vote, media pressure) might have intervened.

  3. No governance over the validator/MPC set. The MPC nodes were managed by the team; no on-chain process to rotate them, no on-chain registry. The team's centralized control was the entire trust model.

  4. No transparency about the MPC arrangement. Users and integrators believed Multichain to be more decentralized than it was. An audit report (or any rigorous trust assessment) should clearly state "this bridge is operated by a single team; if that team becomes compromised, all funds are at risk."

Lessons

  1. "Multi-party" must be verifiable. A claim that signing keys are distributed across N parties should be auditable: who are the parties, where do they operate, how can users verify? Without verification, "multi-party" can mean "one party with N pseudonyms."

  2. Founder risk is real. A protocol whose security depends on a single founder being alive, free, and cooperative has founder risk. This is rarely modeled but mattered in Multichain, FTX, and others.

  3. Operational security audits. Beyond code audits, a protocol holding nine figures should have its operational security reviewed: key management, governance processes, succession planning, jurisdiction-of-operation legal exposure.

  4. Jurisdiction matters. Multichain was operated from China during a period of crypto crackdown. The legal/operational risk of jurisdiction was material. Audits should consider the legal jurisdiction the protocol team operates in and the implications for force majeure scenarios.

  5. Centralized bridges should disclose centralization clearly. Many users used Multichain assuming it was decentralized. The disclosure was inadequate. Modern bridges (CCIP, Wormhole, native L2 bridges) are mostly more honest about their trust model.

  6. Recovery is impossible when the keys are gone. No fork, no negotiation, no white-hat — once the funds left to attacker-controlled addresses, the only recovery would be voluntary return by whoever now controls them. As of 2026, the funds remain dispersed.

The Multichain incident is the clearest case of operational risk being the entire risk. It pushed the industry toward genuinely-decentralized bridge designs (LayerZero with multiple oracles, CCIP with multiple committees, native L2 bridges) and toward audit reports that explicitly document trust assumptions.