A faulty initialization set a trusted root to 0x00, allowing anyone to spoof any message, leading to a chaotic free-for-all drain.
During a routine upgrade, Nomad's Replica contract was initialized with 0x0000...0000 as a trusted root. This meant any message with a body of 0x00 would pass verification. Once discovered, hundreds of copycat attackers replayed the original transaction with their own addresses, draining the bridge in a chaotic swarm attack with 300+ unique addresses.
Funds distributed across hundreds of wallets. Some 'white-hat' participants returned approximately $36M voluntarily. Remaining funds routed through Tornado Cash and cross-chain bridges. Nomad offered 10% bounty for return of funds. Attacker identities largely unknown due to scale of copycat participation.
0xa5fe9d044e4f3232c65d3d36a65325bccfef2059c80c8f49ac0fc8e2bb14c8e7