Close Menu
StreamLineCrypto.comStreamLineCrypto.com
  • Home
  • Crypto News
  • Bitcoin
  • Altcoins
  • NFT
  • Defi
  • Blockchain
  • Metaverse
  • Regulations
  • Trading
What's Hot

Polymarket: Le Pen 32% in 2027 French race, volume tops $114.8M

July 18, 2026

Did L2s break Ethereum’s ultrasound money?

July 18, 2026

SWIFT built its answer to stablecoins: Bank money

July 18, 2026
Facebook X (Twitter) Instagram
Saturday, July 18 2026
  • Contact Us
  • Privacy Policy
  • Cookie Privacy Policy
  • Terms of Use
  • DMCA
Facebook X (Twitter) Instagram
StreamLineCrypto.comStreamLineCrypto.com
  • Home
  • Crypto News
  • Bitcoin
  • Altcoins
  • NFT
  • Defi
  • Blockchain
  • Metaverse
  • Regulations
  • Trading
StreamLineCrypto.comStreamLineCrypto.com

Prices from the future fooled this crypto oracle into sending millions to wrong wallet

July 16, 2026Updated:July 18, 2026No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Prices from the future fooled this crypto oracle into sending millions to wrong wallet
Share
Facebook Twitter LinkedIn Pinterest Email
ad

Ostium, an on-chain perpetuals buying and selling platform, stated a five-minute safety incident precipitated losses from its public liquidity vault. Safety companies estimated the exploit at as much as $24 million.

Co-founder Kaledora Kiernan-Linn confirmed that the problem ran from 14:18 to 14:23 UTC on July 15 and affected the general public Ostium Liquidity Supplier (OLP) vault. She stated the staff recognized it inside minutes and coordinated a buying and selling pause throughout the hour. The assertion didn’t give a definitive loss whole, establish the basis trigger, or present a remaining postmortem.

Safety companies stated licensed information, relatively than a lacking signature, sat on the middle of the incident. Blockaid and Cyvers stated a registered PriceUpKeep forwarder submitted future-dated, licensed oracle stories that created synthetic buying and selling income.

SlowMist stated a certified signer equipped validly signed manipulated information used for repeated worthwhile trades. These descriptions stay third-party findings pending Ostium’s postmortem.

Cryptographic authentication can set up {that a} permitted key signed a report. Worth plausibility, timestamp freshness, and settlement security require separate controls.

The OstiumVerifier code linked from Ostium’s safety documentation recovers an ECDSA signer and checks whether or not the signer is allowed, however that verifier perform doesn’t implement a price-plausibility check or timestamp sure.

The code doesn’t seem to establish which implementation was lively throughout the incident or whether or not separate contracts utilized these checks. Any timestamp, replay, price-deviation, or multi-source safeguards must function elsewhere within the execution path.

Prices from the future fooled this crypto oracle into sending millions to wrong wallet
Associated Studying

How tokenized shares fail as collateral even when the inventory value doesn’t transfer

Edel’s exploit was small, but it surely hit the subsequent frontier for tokenized equities: credit score markets, the place 1:1 backing shouldn’t be sufficient if wrappers, vaults and trade charges might be gamed.

Jul 2, 2026 · Gino Matos

Ostium’s protocol documentation states that the OLP vault holds merchants’ collateral and pays out successful trades instantly on-chain. If synthetic income have been accepted for settlement, vault liquidity funded the payouts.

Flowchart showing how future-dated authorized oracle reports allegedly became artificial trading profits paid by Ostium's public OLP vault, alongside attributed loss estimatesFlowchart showing how future-dated authorized oracle reports allegedly became artificial trading profits paid by Ostium's public OLP vault, alongside attributed loss estimates

Printed estimates rose as tracing continued. Blockaid put the payout close to $18 million, Cyvers estimated $23.7 million, and PeckShield later described roughly $24 million drained.

CryptoSlate Each day Transient

Each day indicators, zero noise.

Market-moving headlines and context delivered each morning in a single tight learn.

5-minute digest 100k+ readers

Free. No spam. Unsubscribe any time.

Whoops, appears like there was an issue. Please strive once more.

You’re subscribed. Welcome aboard.

SlowMist’s decrease $11.86 million determine seems to trace one 11,862,444.782 USDC vault outflow seen in its cited transaction.

New SummerFi DeFi exploit shows AI automation now sits above smart contract riskNew SummerFi DeFi exploit shows AI automation now sits above smart contract risk
Associated Studying

New SummerFi DeFi exploit exhibits AI automation now sits above good contract danger

Blockaid estimated about $6 million drained as Summer time.fi paused Lazy Summer time vaults and investigated the trigger.

Jul 7, 2026 · Liam ‘Akiba’ Wright

PeckShield stated the extracted USDC was swapped into 12,080 ETH and that 10,540 ETH had reached Twister Money by its replace. Kiernan-Linn stated Ostium was working with regulation enforcement, SEAL 911, and third-party safety specialists.

The mechanics distinguish Ostium from an identical challenge with Bonzo Lend, a Hedera lender hit 4 days earlier. Bonzo’s incident report stated its verifier accepted a proof carrying no legitimate signature. In Ostium’s case, safety companies allege the stories got here via a certified signer path: authentication succeeded, however the information was allegedly unsafe.

How a zeroed oracle signature unlocked $9M from Hedera DeFi lender Bonzo LendHow a zeroed oracle signature unlocked $9M from Hedera DeFi lender Bonzo Lend
Associated Studying

How a zeroed oracle signature unlocked $9M from Hedera DeFi lender Bonzo Lend

The verifier accepted identification inputs as proof, letting 250 SAUCE assist $9.05 million in principal borrowing.

Jul 13, 2026 · Liam ‘Akiba’ Wright

Ostium nonetheless has to ascertain whether or not a signer key was compromised, a certified operator acted maliciously, or one other privileged path was abused.

Its remediation can be judged by whether or not signer isolation, tight timestamp bounds, unbiased value checks, charge limits, and circuit breakers can forestall one trusted path from turning minutes of dangerous information into one other vault payout.

ad
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Related Posts

The traditional bank account is facing an existential threat from digital wallets

July 18, 2026

Bitcoin is trading through a dangerous weekend as 20% of the world’s oil hangs in the balance

July 18, 2026

China found a $125 billion escape valve for an economy running out of momentum

July 18, 2026

Uniswap Founder Proposes v4 Protocol Fees Across Multiple Networks

July 18, 2026
Add A Comment
Leave A Reply Cancel Reply

ad
What's New Here!
Polymarket: Le Pen 32% in 2027 French race, volume tops $114.8M
July 18, 2026
Did L2s break Ethereum’s ultrasound money?
July 18, 2026
SWIFT built its answer to stablecoins: Bank money
July 18, 2026
SUI Prints Bullish Flag Pattern As Traders Watch For Breakout
July 18, 2026
The traditional bank account is facing an existential threat from digital wallets
July 18, 2026
Facebook X (Twitter) Instagram Pinterest
  • Contact Us
  • Privacy Policy
  • Cookie Privacy Policy
  • Terms of Use
  • DMCA
© 2026 StreamlineCrypto.com - All Rights Reserved!

Type above and press Enter to search. Press Esc to cancel.