Login
Sign Up
Woofun AI reports that the Hedera-based lending platform Bonzo Lend suffered a catastrophic failure when a zero-signature vulnerability within Supra oracle validators was exploited, resulting in a $9.05 million loss. The core of the incident lies in a fundamental cryptographic confusion: validators mistook mathematical identities for valid approval proofs, effectively turning the protocol’s loan-to-value ratio rules into mechanisms that facilitated fraud rather than preventing it. This structural flaw allowed an attacker to manipulate collateral values without providing any legitimate cryptographic signature, exposing a critical gap in DeFi infrastructure verification processes.
The exploit began with Wallet A depositing 250 SAUCE tokens, an asset worth only a few dollars at the time. At 00:51 UTC, this wallet submitted a price update for the SAUCE/wHBAR pair, artificially inflating the token’s value by approximately 12 orders of magnitude despite the actual market price hovering around 0.2 HBAR. Just eight seconds after this manipulated price was stored on-chain by the oracle, the wallet executed its first withdrawal, borrowing 6.63 million USDC. It immediately followed this with a second transaction, borrowing 34.5 million wrapped HBAR. Based on Bonzo’s internal reference price, these actions allowed Wallet A to withdraw a total of approximately $9.05 million, draining the protocol’s liquidity in a matter of seconds.
The technical root cause of this breach stems from how Supra’s validators processed inputs sent to Hedera’s paired precompiled contracts. The updates submitted by the validator lacked a valid oracle signature; instead, the signature field contained [0, 0], and the referenced public key was also zero, known in cryptography as the point at infinity. Because both points represent mathematical identities, the paired equations returned true as designed, satisfying the logical conditions of the contract.
However, the validator failed to reject inputs containing zero values, identities, or non-subgroup elements before processing them. Consequently, the network correctly solved the equation it received, but the validator erroneously interpreted this mathematical solution as proof of a committee signature, treating the absence of a signature as a valid approval.
Per Woofun AI, the incident triggered a secondary exploit involving Wallet B, which borrowed approximately $1 million while the abnormal price data remained active on the chain. This wallet subsequently contacted Bonzo, identifying itself as a white-hat responder with the intention of returning the stolen funds. Bonzo reported that approximately $1 million has been recovered, although the funds have not yet been fully returned to the protocol, and the final amount remains uncertain. Despite Supra claiming that its validators have been fixed to address the vulnerability, the lending pool remains closed, indicating that the technical patch alone was insufficient to restore operational stability.
As of July 13, Bonzo Lend and Bonzo Points remain suspended, with the protocol’s official status page indicating that Bonzo Lend and all related asset markets are under maintenance. Liquidity providers are still unable to withdraw their funds while Bonzo Finance Labs and Bonzo Finance Foundation work out a path to recovery and conditions for reopening. The suspension highlights the severe operational impact of the exploit, as users are locked out of their assets pending a comprehensive resolution. The lack of immediate access to funds underscores the fragility of lending protocols when core oracle infrastructure fails to validate data integrity.
Remaining technical and operational issues continue to plague the protocol’s recovery efforts. Key concerns include whether regression tests have confirmed that validators now properly reject identity inputs, whether Bonzo will implement price deviation checks to prevent future manipulation, and whether collateral requirements will be tightened to mitigate similar risks.
Additionally, the handling of available assets when withdrawals are resumed remains unclear. The latest official update, released on July 11, states that the protocol remains suspended, reflecting the ongoing complexity of addressing both the technical vulnerabilities and the financial repercussions of the exploit.
Bonzo has not announced any compensation plans, specific dates for reopening, or withdrawal terms for users, leaving liquidity providers dependent on future recovery plans. This lack of transparency exacerbates the uncertainty surrounding the incident, as users await clarity on how their losses will be addressed. The incident serves as a stark reminder of the importance of robust cryptographic validation in DeFi protocols, where even minor oversights in mathematical verification can lead to significant financial losses. As the protocol works toward resolution, the focus remains on restoring trust and ensuring that such vulnerabilities are permanently eliminated from its infrastructure.