Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
IPO Access
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 40+ AI models, with 0% extra fees
Raydium 舊版 AMM 遭攻擊!134 萬美元被盜,Solana DEX 全額賠付
Solana's largest DEX protocol Raydium's old version AMM V3 was attacked, with approximately $1.34 million in liquidity drained, and 5 liquidity pools affected. The Raydium core team confirmed there is no spreading risk, and the treasury will fully compensate.
(Background summary: Comprehensive analysis of the current state of Solana's largest DEX Raydium)
(Additional background: Raydium's trading volume has surpassed Uniswap for two consecutive months)
Table of Contents
Toggle
Decentralized lending protocol (Raydium) core contributor InfraRAY posted on Wednesday confirming that the old version AMM V3 of Solana's largest DEX protocol was attacked, with about $1.34 million in liquidity drained. Since the pools were disabled in 2021, there has been no new price discovery.
Attack process: LP token impersonation
The five affected pools include those revealed by InfraRAY on X platform, covering Sollet USDT-RAY, Sollet ETH-RAY, SRM-RAY, USDC-RAY, and RAY-SOL.
Initial estimates show the total stolen assets are:
Together, approximately $1.34 million. The Raydium treasury will fully compensate for the losses, which will not affect the token prices of any token holders.
Cause of the vulnerability: Insufficient verification of LP token minting addresses
Investigation points to a logical bug: AMM V3 did not strictly verify the minting address when validating LP tokens. Attackers only needed to create a new LP token, impersonate a legitimate LP token, and bypass the protocol's ratio verification mechanism, allowing them to extract assets from the pools.
InfraRAY stated that this incident is an independent logical bug, not caused by private key leaks or permission breaches, and there is no spreading risk. Currently, all active Raydium mainnet programs are unaffected.
Raydium's position in the Solana ecosystem
As Solana's largest automated market maker (AMM) protocol, Raydium's trading volume in 2024 has surpassed Uniswap on Ethereum for two consecutive months. Although this attack targets an old version of the program that stopped service in 2021, it also serves as a reminder to DeFi users: even if the protocol itself functions normally, logical bugs in early versions of contracts may be caught early by on-chain investigators.
On June 10, on the X platform, on-chain investigator Specter issued a security warning, indicating that a certain old liquidity pool of Raydium was suspected to have been attacked. Less than 12 hours later, the Raydium core team confirmed the details of the incident.