Gleb Kostarev

As mentioned in reopening announcement, here is the full context behind the deliberate decision that resulted in 316 duplicate transactions reaching a few hundred users on TON. When the bridge was drained during the May 11 incident, a number of legitimate cross-chain transactions initiated by users were left in limbo: processed on the TAC side, but never settled on TON because the TON Adapter no longer held the funds to complete them. Ahead of the relaunch, we faced a clear choice on how to handle these pending transactions. The first option was to hard-fork TAC: coordinating with validators and partners, re-issuing tokens to mirror a snapshot of the previous state, and a number of operations that break the immutability of the TAC blockchain. Immutability is a core property of any serious chain, and we will not compromise it to patch an operational issue, however convenient that shortcut would have been. The second option was to let the TON Adapter process these pending transactions through its normal flow once the bridge was live. This preserved chain soundness and immutability. The trade-off: 316 transactions reprocessed on TON, delivering approximately $80,000 to users who were not meant to receive them. We chose immutability. If you received an unexpected transaction in any of these assets: TAC, USDT, BLUM, tsTON, Re7 USDTv2, Re7 cbBTCv2, Re7 WETHv2, mRe7YIELD, cbBTC, syUSDT - kindly return the funds back to the TAC team multisig on TON: UQAkTfPo4zo72Zyr5dk1QrWvCWlgA0gRd3njyg5hqmwdrQrI We appreciate your cooperation.

We, the TAC team, based on coordinated discussions with our security partners and law enforcement, formally assert that upon successful return of the funds to the TAC team multisig at 0xa05CBfF7b395DeA456539Db279AbC6EE5a8150f9 and EQAkTfPo4zo72Zyr5dk1QrWvCWlgA0gRd3njyg5hqmwdrVcN and t1dXd2EUAe34BYEtNUtNfrBFQTTs8LhoTUH: 1. Legal action will not be taken against the operator of the address(es) eth/bsc:0x46FB375EAc7a44C231b2b7aB762040ee74908CDc, zec:t1h6NcBAciYGdaVb4Ej1AELTx1D9UF9WUDr and ton:EQBPHhXyG_vbsAEnB6YccNhhaVc6I3ixOCc7vriaOzo4AFA8. The entity controlling the above address(es) carried out the incident affecting the TAC cross-chain layer in multiple transactions, resulting in the movement of approximately $2.8M in USDT, BLUM, and tsTON. Any further investigations or legal matters against the entity, in relation to this incident, will end. 2. We view this occurrence as a white-hat rescue, and as a result: eth:0x46FB375EAc7a44C231b2b7aB762040ee74908CDc and zec:t1h6NcBAciYGdaVb4Ej1AELTx1D9UF9WUDr will be rewarded with 10% of the recovered fund as a white-hat bounty from the TAC team, which translates to approximately 13 ETH + 300ZEC. 3. The remaining balance, will be directed to the TAC team multisigs mentioned above.

Following the security incident, we identified an exploit on the TON side of the TAC crosschain layer that was carried out by an external attacker. The incident resulted in a loss of approximately $2.8M across USDT, BLUM, and tsTON. The TAC token, TON and all ERC-20 tokens bridged from Ethereum are NOT affected. The bridge remains paused while forensic analysis and remediation work are ongoing. A post-mortem with additional disclosure will be published in the next 48 hours. We are actively working with law enforcement, SEAL 911, and our security partners to trace and block the stolen funds. Our focus is on making users whole and fully restoring bridge liquidity through a legally structured sale of Foundation’s TAC token treasury reserves. We will continue to share updates through our official channels. Thank you for your patience and trust.

We are currently investigating a security incident affecting the TAC bridge with TON. The bridge has been paused as soon as we received reports from our security partners. The issue appears isolated to native TON Jettons bridged from TON (excluding $TON). $TON and every other Ethereum native asset are not affected. TON cross-chain transactions remain paused while the investigation is ongoing. Protecting our users is our top priority. Should any users be affected as a result of this incident, we are committed to doing everything we can to make them whole. We will be sharing regular updates through our official channels.