Garden Finance denies $5.5M hack as ZachXBT shares on-chain evidence
Garden Finance says user funds are safe after reports of a $5.5m exploit, but on-chain data and ZachXBT’s findings suggest the breach may go beyond a single compromised solver.
Key Takeaways
Was Garden Finance actually hacked?
The team insists it wasn’t — claiming only one “solver” was compromised and user funds remain safe.
Why is ZachXBT disputing that?
The blockchain sleuth shared an on-chain message suggesting Garden’s own deployer wallet acknowledged a broader exploit across multiple chains.
Tension is rising around Garden Finance, following reports that the Bitcoin-native DeFi bridge suffered an exploit of over $5 million on Thursday.
While the project insists its protocol wasn’t hacked, blockchain investigator ZachXBT has presented on-chain evidence that tells a different story.
Conflicting accounts emerge over Garden Finance exploit
Garden’s co-founder @punkaj stated on X that “Garden has NOT been hacked,” clarifying that only one of its solvers, entities that facilitate cross-chain swaps, was compromised.
“The impact is limited to the solver’s own inventory. Protocol, users, and their funds remain safe,” he said. The app has been taken offline temporarily for investigation.
However, ZachXBT countered that claim with a screenshot of an on-chain message allegedly sent from a Garden deployer address to the attacker.
The message, recorded on Ethereum block 23,690,488, confirmed that Garden’s systems “have been compromised across multiple blockchains, including but not limited to Arbitrum,” and offered a 10% white-hat bounty for the return of stolen assets.
“This looks like an attempt to downplay the incident,” ZachXBT wrote, suggesting that the compromised solver may, in fact, be operated by a Garden team member.
Previous controversies resurface
The dispute follows other accusations against the platform. ZachXBT accused Garden Finance of laundering funds from the $1.4 billion Bybit hack, allegedly linked to North Korea’s Lazarus Group.
He claimed over 75% of Garden’s April–July bridge volume was tied to illicit activity. Garden previously denied those allegations, calling them “misleading.”
What’s next for Garden Finance?
As of publication, the protocol remains offline, and no detailed postmortem has been released. PeckShield’s early tracking indicates that five associated addresses are holding approximately $5.8 million in stolen assets.
Users have been advised not to interact with Garden’s contracts until the investigation concludes.
The incident adds to a growing list of DeFi bridge breaches in 2025, underscoring continued vulnerabilities in multi-chain infrastructure.
