Loading cryptocurrency prices...

Ethereum DeFi Protocol SIR.trading Loses $355k TVL to Smart Contract Hack

SIR.trading DeFi Protocol Loses Entire $355K TVL in Hack Exploiting Ethereum's Transient Storage Feature

  • Ethereum DeFi protocol SIR.trading lost its entire $355,000 TVL in a March 30 hack targeting a vulnerability in its contract vault.
  • Security firms identified the attack as exploiting Ethereum’s transient storage feature, a relatively new function introduced in the Dencun upgrade.
  • Despite the complete loss of funds, the protocol’s founder indicated plans to continue operations, while the stolen assets were moved through privacy solution Railgun.

Ethereum-based DeFi protocol SIR.trading has suffered a complete loss of funds after Hackers exploited a vulnerability in its smart contract vault. The March 30 attack drained the protocol’s entire total value locked (TVL) of approximately $355,000, leaving the self-described "safer leveraging" platform with zero remaining assets.

- Advertisement -

Security firms TenArmorAlert and Decurity first detected and reported the breach on social media platform X, warning users about the ongoing attack. The protocol’s founder, known as Xatarrer, acknowledged the devastating impact, describing it as "the worst news a protocol could received [sic]" while suggesting the team would attempt to maintain operations despite the setback.

According to Decurity’s analysis, the attack targeted a callback function within the protocol’s vulnerable contract vault. The security firm characterized it as a "clever attack" that exploited Ethereum’s transient storage feature to manipulate the system. The Hacker successfully replaced legitimate Uniswap pool addresses with controlled addresses, effectively redirecting funds to their own wallet.

TenArmorAlert explained that the attacker methodically drained the protocol by repeatedly calling the compromised callback function until the entire TVL was emptied. The security firm later reported that the stolen assets were deposited into an address funded through Railgun, an Ethereum privacy solution, with SIR.trading’s founder reportedly reaching out to Railgun for assistance.

The exploit may indicate broader security concerns with Ethereum’s transient storage functionality. SupLabsYi from security firm Supremacy provided additional technical details, suggesting the hack might demonstrate vulnerabilities in this relatively new Ethereum feature introduced during the Dencun upgrade in 2023. Transient storage was designed to enable temporary data storage with lower gas fees than regular storage options.

- Advertisement -

"This isn’t merely a threat aimed at a single instance of uniswapV3SwapCallback," SupLabsYi noted, implying potential wider implications.

Ironically, SIR.trading’s documentation marketed the protocol as "a new DeFi protocol for safer leverage," specifically designed to address challenges in leveraged trading such as volatility decay and liquidation risks. However, the protocol’s documentation did acknowledge potential smart contract vulnerabilities, specifically warning that its vaults could contain undiscovered bugs leading to financial losses, despite having undergone security audits.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest News

Apple Joins Robotics Race as TSLA Faces Rising Mag-7 Competition

Apple is expanding manufacturing in Vietnam to build tabletop robots and smart home devices. Morgan...

Trump Confirms US-China Trade War, Bitcoin Market Reacts to Tariffs

President Donald Trump has declared that the United States is currently in a trade...

Amazon to Hire 250K for Holidays Amid Layoff, $19–$23/hr Pay

Amazon plans to hire 250,000 seasonal and permanent workers across the U.S. for the...

North Korean Hackers Target npm, Spread Malware to Web3 Devs

North Korean Hackers uploaded over 300 malicious code packages to the public JavaScript library...

Walmart Stock Hits ATH After OpenAI Deal, Eyes $125 Target

Walmart stock rose 5.6% over the past week, reaching a record high. The company's partnership...
- Advertisement -

Must Read

A Beginner’s Guide To Cryptocurrency Mining

Cryptocurrency is considered one of the most popular forms of financial assets today. Many of these digital assets operate within blockchain technology which works...