Yeliz Akmaca 
Saga Ethereum-compatible SagaEVM chainlet has been paused following a $7 million exploit that led to unauthorized bridging activity and a sharp loss of confidence across the ecosystem. The incident quickly spilled into the stablecoin layer, where Saga’s US dollar-pegged asset fell as low as $0.75.
The protocol’s total value locked also took a hit, dropping by more than half within a single day.
Chain halted as investigation begins
In a statement posted on X, the Saga team confirmed that the SagaEVM chainlet was paused at block height 6,593,800. The move was framed as a containment measure, aimed at preventing further unauthorized activity while engineers assessed the scope of the breach.
A subsequent Medium post added context. According to the team, the incident did not stem from a single bug but rather from a coordinated sequence of contract deployments, cross-chain interactions, and rapid liquidity withdrawals.
Crucially, Saga emphasized what did not happen. There was no consensus failure, no validator compromise, and no signer key leakage. The core Saga network, they said, remains structurally intact.
Stablecoins wobble, liquidity exits fast
The impact extended beyond the main Saga Dollar. Other ecosystem stablecoins, Colt and Mustang, were also affected as the chain was taken offline. The team said the network would remain paused until a full technical and security review is completed and a post-mortem is published.
Price action told the story quickly. Around 10:16 pm UTC, Saga’s dollar-pegged stablecoin broke its peg and slid to $0.75, according to CoinGecko data.
Liquidity followed the price lower. DefiLlama data shows Saga’s TVL falling from over $37 million to roughly $16 million in just 24 hours. The speed of the outflow suggests more than routine risk-off behavior.
Attacker address flagged, blocklisting underway
Saga also confirmed that the wallet address receiving the exploited funds has been identified. The team said it is actively working with exchanges and bridge operators to blocklist the address and limit further movement of the assets.
There was no commitment on recovery timelines. Instead, the focus remains on containment and forensic analysis before any restart is considered.
Infinite mint theory gains traction
While Saga has yet to release a detailed post-mortem, early theories are already circulating among security researchers.
Threat researcher Vladimir S suggested the attacker may have exploited inter-blockchain communication mechanisms to mint Saga Dollar without collateral. According to his analysis, a helper contract used crafted messages to bypass validation logic in the precompile bridge, enabling unlimited token creation.
Another on-chain investigator, known as Specter, floated a different possibility: a private key compromise. However, he also acknowledged that available information is still limited.
For now, both scenarios remain on the table. The final assessment will likely shape how the market prices Saga’s risk going forward.
Also, you can freely share your thoughts and comments about the topic in the comment section. Additionally, please follow us on our Telegram, YouTube and Twitter channels for the latest news and updates.