Login
Sign Up
Woofun AI reports that Summer.fi identified the Lazy Summer Protocol USDC treasury attack as a NAV mechanism exploitation rather than a contract vulnerability. The attacker manipulated two treasury share prices in a single atomic transaction, extracting approximately $6.04 million by donating old-valuation tokens to a suspended Silo Ark. This action inflated total asset value by 9.5%, allowing redemption at an artificially high price despite the Ark’s deposit limit being zero. Summer.fi noted the attacker accumulated tokens over three months and used Tornado Cash for profit transfer. Guardian Multisig has since suspended all on-chain treasuries, with the DAO planning compensation and restart discussions.