Bitcoin treasury firms outline $3 trillion opportunity in BTC-backed digital credit at Consensus
Bitcoin treasury executives identify a $3 trillion opportunity in digital credit, with the market already at $10 billion.
CoinDesk1 min read
DeFi Platform TrustedVolumes Hit by $6.7M Exploit
TL;DR
TrustedVolumes, a DeFi liquidity resolver, suffered a $6.7 million exploit, draining various cryptocurrencies. 1inch confirmed that its systems were unaffected by the incident, which was linked to flaws in the contract's security.
Key points
- TrustedVolumes lost $6.7 million in a hack
- 1inch confirmed its systems were unaffected
- The exploit involved flaws in signer registration
- Stolen assets included WETH, USDT, WBTC, and USDC
- The same attacker was linked to a previous incident
Mentioned in this story
TrustedVolumes1inch
WETHWBTC
BTCBitcoinETHEthereumSOLSolanaLINKChainlinkARBArbitrumMKRMakerAAVEAaveUSDTTetherUSDCUSD CoinCOINCoinbase
In brief
- A hack drained $6.7 million from TrustedVolumes, a liquidity resolver used by multiple DeFi protocols.
- 1inch denied any exposure to the incident, saying its “systems, infrastructure or user funds” were unaffected.
- Experts pointed to signer and replay flaws, warning that the damage could have been larger. TrustedVolumes, a liquidity provider used by multiple DeFi protocols, was hit by an exploit that has so far drained around $6.7 million in funds. Blockchain analytics firm Blockaid's exploit detection system identified the victim contract as TrustedVolumes' resolver on Ethereum, with the attacker extracting approximately 1,291 WETH, 206,282 USDT, 16.93 WBTC, and 1.26 million USDC. The firm flagged the exploiter as the same operator behind the March 2025 1inch Fusion V1 incident, leveraging a different vulnerability, this time in a TrustedVolumes-controlled custom RFQ swap proxy. An RFQ, or request-for-quote, swap proxy is a contract that handles price quotes and token swaps between a market maker and traders. TrustedVolumes confirmed the breach, publishing three wallet addresses holding the stolen funds, approximately $3 million, $3 million, and $700,000, and said it was "open to constructive communication regarding a bug bounty and a mutually acceptable resolution."
🚨 We were recently exploited.
The addresses currently holding the stolen funds are:
— approx. $3M — approx. $3M []
[] —…
— TrustedVolumes (@trustedvolumes) May 7, 2026 Hakan Unal, senior security operations lead at crypto security firm Cyvers, told *Decrypt* the root cause was a combination of “permissionless signer registration, broken replay protection, and an unvalidated transfer source field.” The flaws let the attacker act as a trusted signer and drain victims without valid authorization, with funds routed through high-risk no-KYC exchange ChangeNow before being swapped to ETH, he added. “The damage could have been far greater,” Unal said. “With replay protection nonfunctional, the attacker could have potentially drained additional approved accounts repeatedly.” *Decrypt* has reached out to TrustedVolumes for comment.
Q&A
What happened in the TrustedVolumes exploit?
TrustedVolumes was hacked, resulting in a loss of approximately $6.7 million in funds due to vulnerabilities in its liquidity resolver.
How did the attacker exploit TrustedVolumes?
The attacker exploited flaws in permissionless signer registration and replay protection, allowing them to drain funds without valid authorization.
What cryptocurrencies were stolen in the TrustedVolumes hack?
The stolen assets included around 1,291 WETH, 206,282 USDT, 16.93 WBTC, and 1.26 million USDC.
What is 1inch's response to the TrustedVolumes incident?
1inch denied any involvement in the exploit, stating that its systems and user funds were unaffected, and emphasized that TrustedVolumes operates independently.
