The decentralized finance sector suffered another major security breach after hackers drained nearly $5.9 million from Trusted Volumes.
Blockchain security firms SlowMist and PeckShield linked the exploit to a flaw in the protocol’s signature validation logic.
The attacker reportedly bypassed authorization checks and forged trading orders through a weakness in the platform’s fillOrder function.
On-chain data later showed the stolen ETH, WBTC, and stablecoins moved through decentralized exchanges for laundering purposes.
Signature validation flaw triggered the exploit
Trusted Volumes operates as a liquidity provider for 1inch using a Request for Quote trading system.
Unlike Automated Market Makers such as Uniswap, RFQ protocols facilitate direct peer-to-peer trading between market makers and takers.
Under the RFQ structure, a taker requests a price quote while a maker provides a fixed offer. Both parties then sign the transaction before settlement occurs on-chain.
Security researchers explained that accurate cryptographic signature verification remains essential within this trading model.
SlowMist reported that the exploit stemmed from a logical error inside the protocol’s fillOrder function.
According to the firm, the flaw enabled the attacker to bypass authorization checks and create forged orders.
The exploit reportedly succeeded because the protocol failed to properly validate signed trading instructions.
Users also grant RFQ protocols broad approval to move digital assets during transactions. The weak signature verification can therefore expose large pools of funds to attackers.
PeckShield confirmed that the total losses reached approximately $5.9 million across Ethereum, Wrapped Bitcoin, and stablecoins.
Stolen ETH and Stablecoins moved through decentralized exchanges
SlowMist’s analysis revealed that the attacker drained 1,291 ETH valued at around $3.02 million.
The hacker also stole 16.94 WBTC worth nearly $1.37 million. In addition, the exploit included 1.26 million USDC and 206,000 USDT.
According to on-chain tracking data, the attacker quickly moved the stolen assets after the exploit.
SlowMist stated that the bad actor laundered the stablecoins and Wrapped Bitcoin through decentralized exchanges shortly afterward.
Security experts noted that rapid asset transfers often complicate recovery efforts in DeFi exploits.
Investigators continue monitoring wallet activity tied to the attack as the broader crypto sector assesses the impact of another major protocol breach.
The Trusted Volumes exploit adds to a growing list of attacks targeting smart contract infrastructure and trading protocols.
The incident highlights ongoing security risks surrounding authorization systems and signature validation mechanisms in decentralized finance.
About The Author
