IPOR Labs disclosed a $336,000 security incident affecting its USDC Fusion vault on Arbitrum. The breach exploited insufficient validation in the fuse mechanism combined with EIP-7702 delegation features, allowing attackers to compromise fund security. Stolen assets were subsequently bridged to Ethereum and processed through privacy protocols, complicating recovery efforts. The development team responded swiftly by initiating a full treasury-backed refund for affected depositors. Importantly, security audits confirm that other vault systems within the protocol remain uncompromised and secure. This incident highlights the critical importance of comprehensive input validation and delegation safeguards in DeFi smart contract architecture—a lesson resonating across the broader ecosystem as protocols scale cross-chain operations.

USDC0.01%
ETH4.52%
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 8
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned