Solv Protocol exploit drains $2.7M in SolvBTC, 10% bounty offered

Bitcoin-focused Solv Protocol was exploited on Thursday, resulting in roughly $2.7 million worth of funds drained from one of its token vaults. The project has offered a 10% bounty to the attackers.

Summary

• Solv Protocol lost about $2.7 million after an exploit drained 38 SolvBTC from one of its Bitcoin Reserve Offering vaults, with fewer than 10 users affected.
• Security researchers estimate that the attacker abused a double-minting flaw in a BitcoinReserveOffering contract.
• The project has offered a 10% bounty for the return of the funds.

Solv Protocol is a DeFi platform that allows users to stake Bitcoin through its Staking Abstraction Layer

According to a post incident update, roughly 38 Solv Protocol BTC (SolvBTC), which the project uses for yield-generating and lending activities across its ecosystem, was drained from one of its structured yield vaults called Bitcoin Reserve Offerings (BRO).

Solv Protocol said that the incident impacted fewer than 10 users and added that it would compensate for the loss of 38.05 SolvBTC, which amounts to roughly $2.7 million.

While a full post-mortem of the incident is yet to be published, third-party security analysts believe the attacker was able to abuse a double-minting flaw in a BitcoinReserveOffering contract.

Per security firm Decurity’s automated bot, the exploiter was able to trigger the vulnerability 22 times, which allowed them to inflate 135 BRO into roughly 567 million BRO tokens before converting the funds into SolvBTC.

Meanwhile, a pseudonymous crypto researcher identified as Pyro described the incident as a reentrancy attack, a common exploit where repeated calls to a smart contract allow attackers to manipulate internal accounting before balances are properly updated.

In the meantime, Solv Protocol has offered a 10% bounty if the attackers return the funds to the designated address. Further, the project claims to be working with its security partners to patch the vulnerability.

At the time of publication, the attackers have yet to indicate whether they intend to return the stolen funds.

This is one of the several attacks that have targeted DeFi protocols of late.

Earlier in the week, Curve Finance’s sDOLA LlamaLend markets were exploited through a vulnerability tied to the pool’s oracle configuration, and the attacker reportedly made about $240,000 by manipulating the pricing mechanism using a flash loan to trigger liquidations.

In early February, the cross-chain liquidity protocol CrossCurve also lost roughly $3 million after attackers exploited a flaw in its smart contract that allowed spoofed cross-chain messages to bypass gateway validation and unlock funds from the PortalV2 contract.