Update on the exploit of May 1st
bisq.community
Bisq Protocol Exploit Update This is a brief update on what we have learned so far, the current state of reimbursement planning for affected users, and some broader observations about the growing role of AI-assisted attacks. Estimated impact Based on preliminary estimates from data analysis and reports from affected users, the total amount stolen appears to be approximately 11 BTC. The attacker used a 0.001 BTC multisig output together with an unusually high 10,000 sat miner fee in the repor...

Trading was halted by the Bisq team, by raising the minimal required trading protocol version.

Only active trade offers could’ve been affected. The local wallet is safe

How did the exploit happen?

In short, the exploit was caused by a missing validation that should have rejected negative input values provided by the taker.

The maker and taker must use the same miner fee. That fee value is provided by the taker.

The attacker supplied a negative miner fee.

When the maker calculated the multisig output amount — which includes the miner fee for the payout transaction — the negative value reduced the multisig amount to 0.001 BTC, while the remaining funds were redirected to the taker’s change output.