Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
Yearn Finance tweeted: “While there is no direct exposure to Euler, some vaults are indirectly exposed to the hack. Vaults using the Idle and Angle strategies have a combined exposure of $1.38 million on yvUSDT and yvUSDC. The developers are currently actively working on the affected protocol, any remaining bad debt will be borne by the Yearn Treasury, and all vaults will remain open and fully operational for users as usual." On May 3, Yearn Finance tweeted that all funds impacted by the march Euler hack have now been recovered. The affected vaults were yvUSDC & yvUSDT, with these strategies having indirect exposure: Idle Finance v4 [Best yield] and Angle Standard LP. Attack method (per SlowMist): Affected by Euler Finance Attack. Reported loss: $ 1,380,000.
- chain
- —
- protocol
- Yearn Finance
- bug_class
- unknown
- date_occurred
- 2023-03-14
- loss_usd
- $1,380,000
- source_id
- sm:yearn-finance::2023-03-14