Cryip
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events
No Result
View All Result
Cryip
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events
No Result
View All Result
Cryip
No Result
View All Result
Home News Security & Hacks

Inverse Finance Not Affected: sDOLA–crvUSD Curve LlamaLend Exploit Explained

BlockSec clarifies that Inverse Finance contracts were not compromised, identifying an oracle misconfiguration in the sDOLA–crvUSD Curve LlamaLend pool as the root cause of the $240K incident.

Saravana Kumar Mahendran by Saravana Kumar Mahendran
March 2, 2026
in Security & Hacks
0 0
DOLA and DolaSavings
Share on FacebookShare on Twitter
MakeCryipCryippreferred onGoogle

A decentralized finance (DeFi) incident that initially raised concerns about a potential exploit at Inverse Finance has now been clarified, with security researchers confirming that the protocol’s core contracts were not compromised. Blockchain security firm BlockSec issued a correction after conducting further investigation and discussions with the Inverse Finance team. According to the firm, the actual issue occurred within the sDOLA–crvUSD Curve LlamaLend pool, rather than Inverse Finance itself.

 

LlamaLend Exploit
LlamaLend Exploit

Attack Details

  • Targeted Protocol: DOLA / DolaSavings

  • Blockchain: Ethereum (ETH)

  • Estimated Loss: ~$240,000

  • Transaction Hash:
    0xb93506af8f1a39f6a31e2d34f5f6a262c2799fef6e338640f42ab8737ed3d8a4

    Related Story

    Suspected Hedera DeFi Hack Moves $5.8 Million to Ethereum

    Bonzo Lend Oracle Exploit Triggers Cross-Chain Fund Transfers on Hedera

    July 11, 2026
    CodexField on BNB Chain Faces Rug Pull Allegations

    BNB Chain Project CodexField Faces Rug Pull Claims After Abnormal Fund Transfers

    July 10, 2026

Oracle Configuration Identified as Root Cause

The investigation determined that the exploit stemmed from an improper oracle configuration implemented by the pool creator. Specifically, the pool relied directly on the spot price from sDOLA.convertToShares as its pricing input.

Security experts explained that using a spot price in this manner can introduce manipulation risks, as it may be temporarily influenced by large transactions. This vulnerability opened the door for price distortion within the lending pool.

Flash Loan Used to Trigger Liquidations

According to the analysis, the attacker executed the exploit using a large flash loan. The borrowed funds were used to redeem sDOLA tokens and then restake them as a donation, effectively manipulating the pool’s price mechanism.

This artificial price shift caused multiple borrower positions in the LlamaLend pool to fall below their liquidation thresholds. The attacker subsequently liquidated these positions, generating an estimated profit of approximately $240,000.

No Impact on Core Protocol

BlockSec emphasized that Inverse Finance’s smart contracts were not directly affected by the exploit. The vulnerability was isolated to the specific pool’s oracle setup rather than the core protocol infrastructure.

The incident highlights ongoing risks in DeFi ecosystems, particularly when integrating pricing mechanisms and oracle feeds. Experts note that even when primary protocol contracts remain secure, misconfigurations at the pool or integration level can still expose users to significant risk.

Disclaimer: Cryip is an independent media and research outlet providing news, data, and analysis on the cryptocurrency industry. Content is for informational and research purposes only and does not constitute financial, legal, tax, or investment advice. Cryptocurrency markets are volatile and past performance is not indicative of future results. References to specific assets, platforms, or incidents are for journalistic purposes only and do not imply endorsement, and readers assume full responsibility for their decisions.
Tags: Crypto Hacks

Related Posts

Suspected Hedera DeFi Hack Moves $5.8 Million to Ethereum
Security & Hacks

Bonzo Lend Oracle Exploit Triggers Cross-Chain Fund Transfers on Hedera

by Saravana Kumar Mahendran
July 11, 2026

A Bonzo Lend oracle verification exploit allowed an attacker to borrow approximately $9.05 million using a manipulated SAUCE price before...

Read moreDetails
CodexField on BNB Chain Faces Rug Pull Allegations

BNB Chain Project CodexField Faces Rug Pull Claims After Abnormal Fund Transfers

July 10, 2026
Hackers Target Injective Wallet Keys Through Compromised npm Package

Malicious Injective SDK Package Targets Private Keys and Seed Phrases

July 10, 2026
Ethereum User Loses Nearly $1 Million USDT in Phishing Token Approval Exploit

Phishing Approval Drains 999K USDT From Ethereum Wallet

July 9, 2026
Ctrl Wallet to Permanently Shut Down

Ctrl Wallet to Permanently Shut Down on August 3 After Cardano Security Exploit

July 7, 2026
Trader Loses $2M After ETH Swap to LIT Routes Through AVAIL Pool

Trader Loses $2M After ETH Swap to LIT Routes Through AVAIL Pool

July 7, 2026
Web3 Security Losses Hit $1.31 Billion

Web3 Security Losses Hit $1.31 Billion in H1 2026 as Drift Protocol Hack Tops $285M

July 7, 2026
Next Post
Strategy Acquires 3,015 BTC; Total Bitcoin Holdings Reach 720,737

Strategy Acquires 3,015 BTC; Total Bitcoin Holdings Reach 720,737

Akave Secures $6.65M for Decentralized Storage Platform

Akave Announces $6.65M in Total Funding for Decentralized Storage Platform

Recommended

  • All
  • News
Former Meta Engineer Says Quantum Computing and Miner Incentives Are Bitcoin's Biggest Long-Term Risks

Former Meta Engineer Says Quantum Computing and Miner Incentives Are Bitcoin’s Biggest Long-Term Risks

July 11, 2026
Vitalik Buterin Urges Elon Musk to Transform X Into a Platform for AI Governance

Vitalik Buterin Urges Elon Musk to Transform X Into a Platform for AI Governance

July 11, 2026
Ethereum Uses Just 7.87 GWh of Electricity Annually After The Merge, Cambridge Study Finds

Ethereum Uses Just 7.87 GWh of Electricity Annually After The Merge, Cambridge Study Finds

July 11, 2026
DOJ Moves to End BitClub Founder’s $722 Million Crypto Fraud Case

DOJ Moves to End BitClub Founder’s $722 Million Crypto Fraud Case

July 11, 2026
DOJ Moves to End BitClub Founder’s $722 Million Crypto Fraud Case

DOJ Moves to End BitClub Founder’s $722 Million Crypto Fraud Case

July 11, 2026
AI Agents Now Have a New Internet Court to Settle Disputes

AI Agents Now Have a New Internet Court to Settle Disputes

July 10, 2026
Ledger Researchers Disclose Tangem Card Flaw

Ledger Researchers Reveal Laser Flaw in Tangem Cards as Firm Downplays User Risk

July 10, 2026
Circle Receives Final OCC Approval to Launch National Trust Bank

Circle Wins Federal Approval to Launch Regulated Digital Asset Trust Bank

July 10, 2026

Cryip focuses on crypto research and on-chain analysis, supported by coverage of markets, regulation, security events, and blockchain ecosystems.

Recent Posts

  • BingX launches the BingX Visa Debit Card, bridging digital assets and everyday payments
  • Bonzo Lend Oracle Exploit Triggers Cross-Chain Fund Transfers on Hedera
  • Former Meta Engineer Says Quantum Computing and Miner Incentives Are Bitcoin’s Biggest Long-Term Risks

Categories

  • AI × Crypto
  • Data & Dashboards
  • DeFi Basics
  • Investing Basics
  • Market & Price
  • Market Updates
  • On-Chain Analysis
  • OpSec
  • Policy & Regulation
  • Post Mortems
  • Press Release
  • Reports
  • Scams & Fraud
  • Security & Hacks
  • Stablecoins
  • Tokenomics
  • VC & Funding
  • Wallets & Custody

Company

  • About Us
  • Contact Us
  • Editorial Standards & Integrity
  • Our Team
  • Privacy Policy
  • Review Methodology
  • Terms and Conditions
  • Trust, Disclosures & Independence

© 2026 Cryip - Research-Driven Crypto Analysis & News by Hashlays.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events

© 2026 Cryip - Research-Driven Crypto Analysis & News by Hashlays.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.