Copy
Trading Bots
Events
More

Bonzo Lend loses $9M in oracle verifier exploit on Hedera

2026/07/12 15:11Browse 0

A manipulated on-demand oracle update drained roughly $9 million from Bonzo Lend on Hedera early on July 11, 2026, after the protocol's verifier contract accepted a price update with an invalid signature. The attacker posted about 250 SAUCE as collateral, inflated its price by roughly 12 orders of magnitude, and borrowed approximately 6.63 million USDC and 34.5 million wrapped HBAR within seconds before Bonzo paused the protocol. The incident highlights a critical weak link in DeFi: the verifier contract that gates on-demand oracle updates, which can allow a single bad signature to bypass downstream lending logic.

The exploit: a signature check failure

At around 00:51 UTC on July 11, 2026, the attacker submitted a price update to Bonzo's on-demand oracle that dramatically inflated the value of SAUCE. The verifier contract, which is supposed to confirm that the update carries a valid signature from an authorized signer, accepted the update despite having a zeroed or otherwise invalid signature. Bonzo Finance attributed the flaw to Supra's on-chain oracle verifier on Hedera, and Supra acknowledged the issue and deployed a fix to the verifier contract on Hedera mainnet.

With the inflated collateral value locked in by the lending pool, the attacker borrowed aggressively: roughly 6.63 million USDC and about 34.5 million wrapped HBAR, totaling near $10 million before a partial white-hat return. On-chain monitors tracked about $5.25 million being bridged from Hedera to Ethereum shortly after the heist, where the attacker swapped into assets like WBTC and ETH. Security firms Specter and PeckShield published theft addresses within hours.

Why verifier assumptions matter

The Bonzo case illustrates a class of oracle risk that is often overlooked. The price feed itself was not compromised; the verifier that gates trust in on-demand updates failed its most basic check. In an on-demand model, the verifier must reject any update with a missing or zeroed signature, a signer not in the active set, a timestamp outside an expiry window, or a nonce that does not increment. The Bonzo exploit appears to have bypassed the very first guard: a malformed signature was treated as valid.

DeFi applications that consume on-demand oracle data with permissive verification are exposed to similar risks. The incident also affected Hedera users, as liquidity pulled back and confidence took a hit. The speed of the attack—roughly 250 SAUCE posted, a price update accepted, and millions borrowed in seconds—underscores how a single verifier bug can cascade into a full protocol drain.

Bonzo's response and broader lessons

Bonzo paused the protocol immediately after the exploit window. Supra deployed a fix to the verifier contract on Hedera mainnet, but app-level changes such as per-asset borrowing caps may follow. The incident has prompted renewed scrutiny of oracle architectures, especially on-demand designs where the verifier is the last line of defense. Auditors and developers are now examining verifier assumptions more closely, as the attack path did not require a complex sandwich attack or a flash loan—just one missing guard in the attestation gate.

Disclaimer: This page may contain third-party information and does not necessarily reflect BYDFi's views or opinions. This content is for general reference only and does not constitute any representation, warranty, financial advice, or investment advice. BYDFi is not responsible for any errors, omissions, or any results arising from the use of such information. Virtual asset investments involve risks. Please carefully evaluate the risks of the product and your risk tolerance based on your financial situation. For more information, please refer to our Terms of Use and Risk Disclosure.