Hedera, the team behind the distributed ledger Hedera Hashgraph, has confirmed a smart contract exploit on the Hedera Mainnet that has resulted in the theft of several liquidity pool tokens.

The attack targeted liquidity pool tokens on decentralized exchanges (DEXs) that derived its code from Uniswap v2 on Ethereum, which was ported over for use on the Hedera Token Service.

According to Hedera, the suspicious activity was detected when the attacker attempted to move the stolen tokens across the Hashport bridge, which consisted of liquidity pool tokens on SaucerSwap, Pangolin, and HeliSwap.

Operators acted promptly to temporarily pause the bridge, and the Hedera team is now working on a solution to remove the vulnerability from the mainnet.

While Hedera has not confirmed the exact number of tokens stolen, the team has identified the root cause of the exploit and is working to deploy updated code on the mainnet.

Once the solution is ready, Hedera Council members will sign transactions to approve the deployment, and normal activity will resume.

On Feb. 3, Hedera upgraded the network to convert Ethereum Virtual Machine (EVM)-compatible smart contract code onto the Hedera Token Service (HTS).

This involved the decompiling of Ethereum contract bytecode to the HTS, which is where Hedera-based DEX SaucerSwap believes the attack vector came from.

Hedera has also recommended that tokenholders check the balances on their account ID and Ethereum Virtual Machine (EVM) address on hashscan.io for their own comfort. Earlier, Hedera managed to shut down network access by turning off IP proxies on March 9.