
Meanwhile, Grego AI, which independently verified Hexens’ proof-of-concept, calculated that approximately $250 million in Aptos-native TVL was directly at risk based on the near-90% success rate, separate from broader cross-chain exposure.
The $70 billion risk
The vulnerability, discovered by Vahe Karapetyan, CTO and co-founder of Hexens, could, if left unchecked, have exposed a far larger systemic risk surface across bridges, stablecoins, DeFi protocols and centralized exchanges, costing billions and creating a crisis far beyond Aptos itself.
And all it would’ve taken was a few thousand dollars’ worth of servers.
The total cost to spin up the infrastructure needed to run this experiment was approximately $3,000, for a server simulating an environment designed to approximate Aptos mainnet conditions. A malicious attacker carrying out the exploit for real, however, would have needed considerably less, and would not have needed validator access, insider knowledge or privileged protocol permissions.
The team ran the exploit path roughly 20 times in a simulated environment and succeeded 17 or 18 times. The two or three failed attempts didn’t stop the network, meaning an attacker would simply have had another window to try again.
The simulation was built to closely approximate real network conditions, using a cluster of more than 30 validator nodes, a mainnet-shaped stake distribution, organic transaction traffic and heavy execution contention. The Hexens team also tested what they call “non-armed calibration techniques”: dry runs that measured mempool and block-construction conditions before committing to an armed attempt. The firm said those steps materially reduced the uncertainty introduced by the exploit’s probabilistic elements, making the attack path more reliable in practice.


