Solv Protocol Suffers $2.7 Million Hack, Offers Bounty for Fund Recovery

Decentralized finance protocol Solv Protocol recently experienced a smart contract vulnerability exploit, resulting in the unauthorized minting and theft of $2.7 million worth of SolvBTC. SolvBTC is an ERC-20 token pegged to Bitcoin, widely used in various DeFi News ecosystems. Following the incident, the Solv team responded quickly, confirming that all 38.05 affected SolvBTC would be fully compensated by the platform, ensuring the safety of user assets.

To encourage the attacker to voluntarily return the funds, Solv officially offered a white-hat bounty of up to 10%, approximately $270,000, and publicly disclosed an Ethereum wallet address on-chain, inviting the attacker to communicate via contract messages. As of now, according to Etherscan data, the attacker has not responded.

Security firms Hypernative, SlowMist, and CertiK immediately launched investigations, confirming that the attack stemmed from a logical flaw in the contract that allowed unauthorized minting of tokens. After the vulnerability was exploited, the attacker generated a large amount of SolvBTC without holding sufficient collateral, thereby achieving arbitrage transfer. The Solv team emphasized that this incident only affected a specific vault, and all other Vaults and user funds were not affected. The platform has suspended relevant functions and initiated a comprehensive audit, and will subsequently release a repair plan and security upgrade plan. Users can continue to use other service modules with confidence. This incident has once again raised industry concerns about the security mechanisms of DeFi News protocols. In recent years, attacks caused by contract design flaws have occurred frequently, highlighting the critical role of audit processes and multi-signature protection mechanisms in on-chain financial systems.