ZetaChain has temporarily suspended all cross-chain transactions on its mainnet after its development team detected a targeted exploit on the GatewayEVM smart contract. The move underscores the ongoing challenges in securing decentralized infrastructure that powers seamless interactions across multiple blockchain / DLT networks.
ZetaChain operates as a specialized layer designed to enable universal connectivity between disparate blockchains, allowing developers to build applications that function fluidly across ecosystems without the usual fragmentation.
There was an attack against the ZetaChain GatewayEVM contract today that impacted the internal ZetaChain team wallets only. We've already blocked the attack vector so no more funds can be compromised and will be releasing a detailed post mortem after we have completed our…
— ZetaChain 🟩 (@ZetaChain) April 27, 2026
At the center of its architecture is the GatewayEVM contract, which serves as a critical bridge for handling outbound calls and asset movements from ZetaChain to connected external chains.
This component facilitates the core functionality that makes cross-chain messaging and transfers possible, positioning ZetaChain as a key player in the push toward true interoperability in Web3.
The incident came to light on April 27, 2026, when the team identified unauthorized activity linked to the GatewayEVM contract.
According to the project’s official update, the breach was limited exclusively to internal team wallets and did not compromise any user assets.
The development group acted decisively, isolating and neutralizing the vulnerability within minutes to prevent any additional exposure.
As an immediate precautionary step, cross-chain transaction processing was paused across the mainnet to allow for a thorough system review and to safeguard the broader network.
This proactive pause ensures that no further risks materialize while investigators conduct a full forensic analysis.
The team has committed to publishing a detailed post-mortem report once the inquiry concludes, providing transparency into the root cause, the exact mechanics of the exploit, and any recommended protocol enhancements.
In the meantime, users can monitor real-time network status through ZetaChain’s official dashboard.
The event highlights the persistent security considerations inherent to cross-chain protocols, where smart contracts must manage complex interactions with external environments.
Even advanced systems like ZetaChain’s, which emphasize proper verification and atomic execution, can face sophisticated attempts to probe for weaknesses.
Importantly, the containment demonstrates the effectiveness of internal monitoring and response protocols, reinforcing confidence that user funds remain untouched.
For the broader cryptocurrency ecosystem, such incidents serve as timely reminders of the importance of layered security measures, regular audits, and community vigilance.
While the suspension may cause short-term inconvenience for projects relying on ZetaChain’s interoperability features, it reflects a responsible approach to risk management rather than a systemic failure.
Network participants are encouraged to stay informed via official channels as updates emerge.
ZetaChain’s intervention and emphasis on user protection position the project to emerge stronger, with potential upgrades to its contract logic and monitoring tools on the horizon. As the investigation progresses, the focus remains on restoring full functionality safely while upholding the protocol’s commitment to secure, universal blockchain connectivity.