The decentralized finance ecosystem suffered another blow on May 9, 2026, as TrustedVolumes, an Ethereum-based liquidity provider, lost approximately $5.9 million to a sophisticated exploit targeting its custom Request for Quote trading system. The incident, caught in real time by blockchain security firm Blockaid, highlights how even seemingly minor architectural decisions in smart contract design can create catastrophic vulnerabilities when multiple components interact in unexpected ways.
The Exploit Mechanics
The attack centered on a design flaw in TrustedVolumes’ RFQ proxy system, which serves as the bridge between traders seeking quotes and the liquidity pools that fulfill them. According to a detailed technical breakdown published by security researchers at DarkNavySecurity, the vulnerability existed not in a single function but in the interaction between two separate mechanisms that were never designed to work together safely.
The first component was a publicly accessible function called registerAllowedOrderSigner(), which allowed any address to designate itself as a valid signer for trades it controlled. Under normal circumstances, self-registration would be harmless — a user authorizing their own address to sign their own orders. The critical flaw emerged in the settlement function, which checked authorization against one address while actually pulling funds from a different, higher-value address. This mismatch between the authorization check and the fund-transfer target created the exploit window.
The attacker deployed a helper contract and executed four drain transactions against the TrustedVolumes resolver contract, which had previously granted the proxy permission to move its tokens. Each time, the proxy pulled substantial assets from the resolver while sending only a single raw USDC unit back as the supposed “trade settlement.” The stolen funds included 1,291 WETH, approximately 16.9 WBTC, roughly 206,000 USDT, and just under 1.27 million USDC, according to Blockaid’s real-time monitoring.
Affected Systems
The exploit had ripple effects beyond TrustedVolumes itself. Because the platform operates as a liquidity provider and market maker on 1inch, early reports mistakenly characterized the incident as a 1inch exploit. Both 1inch and Blockaid moved quickly to clarify that the 1inch protocol itself was never compromised and no user funds on the platform were affected. TrustedVolumes operates independently across multiple decentralized exchange aggregators, not exclusively on 1inch.
The timing amplified concerns across the DeFi sector. April 2026 had already been a devastating month for the ecosystem, with more than $650 million stolen across multiple incidents. The KelpDAO hack accounted for $292 million, while Drift Protocol lost $285.2 million. Although the TrustedVolumes exploit was significantly smaller at $5.9 million, the technical sophistication of the attack — combining self-service signer registration with a maker-funding-source mismatch in a single transaction — placed it in a different category from simple misconfigurations or private key compromises.
The Mitigation Strategy
TrustedVolumes confirmed the exploit publicly and posted three wallet addresses holding the stolen funds, inviting the attacker to negotiate a bug bounty and a mutually acceptable resolution. This approach mirrors an increasingly common industry practice of offering white-hat bounties to hackers who return stolen funds, though success rates vary considerably.
The technical mitigation requires a fundamental redesign of the RFQ proxy’s authorization architecture. The signer registration function must implement proper access controls, restricting who can register as an authorized signer and under what conditions. More critically, the settlement function must ensure that the address being checked for authorization is the same address from which funds are being pulled. This type of maker-source mismatch is a known class of vulnerability in DeFi systems, but it continues to surface in new implementations where development teams fail to apply lessons from previous incidents.
Lessons Learned
The TrustedVolumes exploit reinforces several critical security principles for DeFi protocol developers. First, access control functions that appear harmless in isolation can become dangerous when combined with other system components. Every publicly accessible function must be evaluated not just for its individual behavior but for how it interacts with every other function that touches the same data or assets.
Second, the separation of authorization checks from fund-transfer targets is a design pattern that should be treated with extreme caution. If a system validates that address A has permission to act, but then moves funds from address B, that mismatch is an inherent vulnerability regardless of any other safeguards.
Third, real-time monitoring systems like Blockaid demonstrate their value in scenarios like this. The fact that the exploit was caught as it was happening — even though it could not be prevented — provides crucial forensic data that helps the broader community understand and defend against similar attacks.
User Action Required
Users who interacted with TrustedVolumes liquidity pools should check their exposure immediately. While 1inch users were not affected, anyone who provided liquidity directly to TrustedVolumes or used its RFQ system should monitor the three wallet addresses published by the team and follow official communications for recovery plans. The broader DeFi community should audit any protocol using custom RFQ or order-settlement systems for similar authorization-source mismatches, applying the technical details published by GoPlus Security and DarkNavySecurity as a reference checklist.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Always conduct your own research before engaging with any DeFi protocol.
self-registration on registerAllowedOrderSigner is such a basic access control failure. publicly accessible functions that authorize fund transfers without caller validation
decomp_check the mismatch between authorization check and fund transfer target is the real lesson. two components that were never designed to work together safely
decomp_check identified the exact issue. a public function that authorizes signers without caller validation is access control 101 failure. how does this pass review
sending 1 raw USDC back per drain transaction is just insulting. the attacker was literally pocketing millions while the resolver thought a trade settled
Ingrid that 1 USDC return is the most degen part of the whole exploit. the resolver literally thought the trade was legit while millions drained
1,291 WETH and 16.9 WBTC stolen in four transactions. RFQ systems need independent security reviews, not just protocol-level audits
The vulnerability in the RFQ proxy implementation is a wake-up call for the entire ecosystem. Relying on signature validation without strictly scoping the proxy’s call permissions is a recipe for disaster. This post-mortem is a great resource for other devs to avoid the same pitfalls.
the proxy having unchecked call scope is like leaving your front door open and blaming the lock company
Another day, another multi-million dollar exploit in DeFi. It’s getting hard to keep track of these design flaws lately. Seriously though, how does something like this get past a security review? Just glad I didn’t have any liquidity in those pools when it happened.
4 drain transactions in a row and nobody at TrustedVolumes noticed. no real-time monitoring is the actual scandal
$5.9M gone in 4 transactions and TrustedVolumes had no halt mechanism. every DeFi protocol needs a kill switch, this is embarrassing in 2026