Gyroscope Incident Analysis

**Executive Summary:** On 30 January 2026 Gyroscope paused liquidity pools after an attacker exploited an arbitrary-input vulnerability in its cross-chain bridge (ccipReceive/BridgeToken) to grant themselves unlimited approval on the GYD token and withdraw ~6,099,337 GYD (~$807k); the attacker then deposited proceeds through Tornado Cash and Gyroscope offered a 33% white-hat bounty.