
The Resolver Layer Under Siege: How TrustedVolumes Exposed a Systemic Weakness in DeFi Swap Infrastructure

On May 7, 2026, the DeFi security landscape shifted once again when TrustedVolumes, a Request-for-Quote (RFQ) liquidity provider serving 1inch Fusion and other decentralized exchange aggregators, lost approximately \$5.87 million through an access-control vulnerability in its custom swap proxy. The incident did not compromise 1inch’s core protocol or user funds directly, but it exposed a recurring and dangerous pattern: the resolver layer of DeFi composability has become a preferred target for sophisticated attackers.

Bitcoin traded near \$80,000 and Ethereum hovered around \$2,290 at the time of the exploit, meaning the stolen assets — 1,291 WETH, 16.93 WBTC, 1.27 million USDC, and 206,000 USDT — represented a significant haul for the attacker and a stark reminder of the concentrated risk in delegated infrastructure.

The Exploit Mechanics

The TrustedVolumes attack exploited a fundamentally simple flaw: a publicly accessible function that allowed permissionless registration as an authorized order signer. In DeFi RFQ systems, resolvers act as intermediary market makers that fill user swap orders. The protocol assumes only vetted, trusted entities can register as signers. TrustedVolumes broke that assumption by leaving the registration function callable by anyone.

Once registered as a legitimate signer, the attacker combined three vulnerabilities into a single exploit chain: broken replay protection that allowed the same order to execute multiple times, an unvalidated transferSource field that let the attacker redirect where funds were withdrawn from, and the fraudulent signer status that made all of this appear authorized to the proxy contract. The result was a clean, permissionless drain routed to three attacker-controlled Ethereum addresses.

Blockchain security firm Blockaid attributed the attack to the same actor behind the March 2025 1inch Fusion V1 incident, suggesting a sustained campaign targeting resolver infrastructure rather than individual protocols. This is not opportunistic: it is methodical, repeatable exploitation of a known architectural weakness.

Affected Systems

The immediate blast radius was contained to TrustedVolumes’ custom RFQ swap proxy on Ethereum. 1inch confirmed that its protocol, infrastructure, and user funds remained unaffected. However, the downstream implications are broader. Any DeFi aggregator that delegates order execution to third-party resolvers or market makers inherits the security posture of those intermediaries. When the resolver layer fails, the trust chain breaks.

The attack vector is not unique to TrustedVolumes. Access-control failures in resolver and market-maker infrastructure have appeared in at least four significant DeFi incidents in 2025-2026. The pattern is consistent: a protocol delegates authority to an external component, that component has a missing or broken validation check, and an attacker uses the delegated authority to extract funds. The composability that makes DeFi powerful also creates a sprawling attack surface where every delegation point is a potential single point of failure.

This same week also saw Ekubo Protocol lose approximately \$1.4 million through a similar class of vulnerability — an access-control flaw in an EVM v2 swap router that allowed an attacker to manipulate the payer, token, and amount fields in the IPayer.pay callback. The attacker chained roughly 85 rapid transactions to drain WBTC from wallets that had previously granted token approvals to the router.

The Mitigation Strategy

TrustedVolumes published the three exploiter wallet addresses on disclosure and opened communication regarding a potential bug bounty and resolution. When stolen funds remain consolidated across a small number of attacker-controlled wallets in the hours after an exploit, the window for intervention is narrow but real. Freezing requests to centralized off-ramps and stablecoin issuers can preserve recovery optionality before funds enter mixers or cross-chain bridges.

For protocols, the mitigation playbook is clear but frequently ignored. First, every external-facing registration or authorization function must require verifiable identity — not just a transaction signature, but a governance-approved whitelist with on-chain enforcement. Second, replay protection must be implemented at the contract level, not assumed to exist at the application layer. Third, validation of critical fields like transferSource cannot be optional or delegated to off-chain logic.
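The three checks above can be written down as a small executable model, which is also a convenient specification to test a contract against. This is an added example, not TrustedVolumes' or 1inch's code: the class, field and error names are hypothetical, signature recovery is assumed to have happened upstream, and the rule that `transferSource` must equal the signer is one assumed binding policy.

```python
# Added example: executable model of the three contract-level checks.
# All names and the "transferSource must equal signer" policy are assumptions.
from dataclasses import dataclass, field

class Rejected(Exception):
    """Raised where an on-chain implementation would revert."""

@dataclass(frozen=True)
class Order:
    signer: str           # address recovered from the order signature upstream
    transfer_source: str  # account the proxy pulls funds from
    recipient: str
    amount: int
    nonce: int

@dataclass
class HardenedProxy:
    governance: str
    balances: dict
    signers: set = field(default_factory=set)
    used: set = field(default_factory=set)

    def register_signer(self, caller: str, signer: str) -> None:
        # Check 1: only governance may extend the signer allowlist.
        if caller != self.governance:
            raise Rejected("caller is not governance")
        self.signers.add(signer)

    def fill(self, order: Order) -> None:
        if order.signer not in self.signers:
            raise Rejected("signer not allowlisted")
        # Check 2: each (signer, nonce) pair is consumed exactly once.
        if (order.signer, order.nonce) in self.used:
            raise Rejected("order already executed")
        # Check 3: a signer can only authorize spending from its own account.
        if order.transfer_source != order.signer:
            raise Rejected("transferSource does not match signer")
        if order.amount <= 0 or self.balances.get(order.transfer_source, 0) < order.amount:
            raise Rejected("invalid amount")
        self.used.add((order.signer, order.nonce))  # record before moving funds
        self.balances[order.transfer_source] -= order.amount
        self.balances[order.recipient] = self.balances.get(order.recipient, 0) + order.amount

def attempt(action, *args) -> str:
    """Run an action; return 'ok' or the reason it was rejected."""
    try:
        action(*args)
        return "ok"
    except Rejected as exc:
        return str(exc)
```

Each rejection reason maps to one revert condition that the contract itself has to enforce; none of them can be left to off-chain order-matching code.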

For users, the lesson is indirect but important. Aggregators like 1inch did not lose funds in this incident because the exploit targeted a third-party resolver, not the core protocol. However, users who interact with less established aggregators or who grant broad token approvals to router contracts should understand that their exposure extends to every component in the execution chain.

Lessons Learned

The TrustedVolumes exploit reinforces several critical lessons for the DeFi ecosystem. Resolver-layer attacks are not anomalies — they represent a structural vulnerability in how modern DeFi protocols compose with third-party infrastructure. The same attacker returning for a second attempt at the same target class suggests that the vulnerability is systemic and that the cost of exploitation is low relative to the potential payoff.

The coincidence with the Ekubo exploit in the same week — both involving access-control failures in swap infrastructure — should serve as an industry-wide signal. The current model of delegating execution authority to loosely validated intermediaries is producing predictable failures. Protocols that rely on resolver networks, RFQ providers, or third-party market makers must treat those components as part of their own security perimeter and audit them accordingly.

User Action Required

If you have interacted with 1inch Fusion through TrustedVolumes or any other resolver and have active token approvals, review your pending approvals using tools like Revoke.cash or Etherscan’s token approval checker. While 1inch confirmed user funds were not affected in this specific incident, the resolver-layer attack pattern means that future incidents could directly impact user balances if approvals remain active on compromised contracts.
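The approval review described above can also be scripted from raw ERC-20 `Approval` event logs. The following is an added example, not code from the article or from any of the tools it names; the log dictionaries use the usual JSON-RPC field names, and every address in the sample data is a constructed placeholder.

```python
# Added example: rebuild an owner's outstanding ERC-20 allowances from Approval logs.
# keccak256("Approval(address,address,uint256)"), shared by ERC-20 and ERC-721.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1

def topic_to_address(topic: str) -> str:
    """An indexed address is left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def outstanding_allowances(logs, owner):
    """Return {(token, spender): amount} for the owner's non-zero allowances.

    Later Approval events overwrite earlier ones. The result is an upper bound:
    transferFrom lowers an allowance, and not every token emits an event for it.
    """
    owner, state = owner.lower(), {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # ERC-721 Approval has the same topic0 but four topics
        if topic_to_address(topics[1]) != owner:
            continue
        state[(log["address"].lower(), topic_to_address(topics[2]))] = int(log["data"], 16)
    return {k: v for k, v in state.items() if v > 0}

def flag_unlimited(allowances):
    """(token, spender) pairs holding an unlimited allowance."""
    return sorted(k for k, v in allowances.items() if v == UNLIMITED)

# --- constructed sample data: placeholder addresses, not real contracts ---
OWNER, TOKEN_A, TOKEN_B = "0x" + "11" * 20, "0x" + "aa" * 20, "0x" + "bb" * 20
ROUTER, OTHER = "0x" + "cc" * 20, "0x" + "dd" * 20

def _log(token, owner, spender, amount, block, index=0):
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": hex(amount), "blockNumber": block, "logIndex": index}

SAMPLE_LOGS = [
    _log(TOKEN_A, OWNER, ROUTER, UNLIMITED, block=100),  # still active
    _log(TOKEN_B, OWNER, ROUTER, 5_000, block=101),      # revoked at block 140
    _log(TOKEN_B, OWNER, ROUTER, 0, block=140),          # revocation
    _log(TOKEN_A, OTHER, ROUTER, UNLIMITED, block=120),  # different owner
    _log(TOKEN_B, OWNER, OTHER, 250, block=90),          # bounded allowance
]

if __name__ == "__main__":
    for (token, spender), amount in outstanding_allowances(SAMPLE_LOGS, OWNER).items():
        print(token, spender, "UNLIMITED" if amount == UNLIMITED else amount)
```

Because the log-derived figure is only an upper bound, confirm each flagged pair against the token's `allowance(owner, spender)` view before deciding what to revoke.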

The broader DeFi community should monitor the three attacker addresses identified by TrustedVolumes and track fund movement. Consolidated post-exploit balances present the best opportunity for exchange-level freezing before laundering begins.

Disclaimer: This article is for informational purposes only and does not constitute financial or security advice. Always conduct your own research and consult with qualified professionals before making investment or security decisions.


7 thoughts on “The Resolver Layer Under Siege: How TrustedVolumes Exposed a Systemic Weakness in DeFi Swap Infrastructure”

  1. proxy_pirate

    a publicly accessible function for registering as an authorized signer. that's not a bug, it's a design failure of the highest order

    1. 0xSentinel.eth

      permissionless signer registration is the kind of bug you only find if you think about the system from an attacker perspective. auditors test for known patterns, not design-level failures

  2. 1,291 WETH plus 16.93 WBTC plus stablecoins. The attacker knew exactly which tokens to target and how to route them through the proxy. This was recon’d for weeks.

  3. the resolver layer becoming a target makes total sense. core protocols like uniswap and 1inch are audited to death but the intermediaries connecting them are held together with hopes and prayers

    1. zero_day_dave

      ^ this. protocols spend millions on audits but rfq resolvers are basically unregulated middlemen with access to huge liquidity pools. weakest link in the chain

      1. resolver_ghost

        audits don't cover resolver infrastructure because it's not technically part of the core protocol. that's the loophole. $5.87M gone through the back door nobody was watching

  4. good that 1inch core wasn't hit but $5.87M through an access control bug is embarrassing for a resolver serving a top dex aggregator
