Logo
My Crypto News AI

How a Zeroed Signature Let Attackers Drain $9 Million From Bonzo Lend's Oracle

A lending protocol on the Hedera blockchain lost approximately $9 million after attackers exploited a critical flaw in its price oracle verification system, inflating the value of a low-priced collateral token to borrow millions in stablecoins and wrapped tokens. The incident, which occurred on July 11, underscores how even well-audited smart contracts remain vulnerable when the external pricing infrastructure they depend on fails.

What Happened in the Bonzo Lend Oracle Exploit?

The attack began at approximately 00:51 UTC on July 11 when an attacker submitted a manipulated price update for SAUCE, a token normally trading around 0.2 HBAR (Hedera's native cryptocurrency). The malicious update inflated SAUCE's reported value by roughly 12 orders of magnitude, making it appear extraordinarily valuable.

Using this false pricing, the attacker deposited just 250 SAUCE tokens, worth only a few dollars at actual market rates, and used them as collateral to borrow:

  • USDC Borrowed: Approximately 6.63 million USDC stablecoins were withdrawn from the lending pool.
  • Wrapped HBAR Borrowed: More than 34.5 million WHBAR (wrapped Hedera tokens) were extracted from the protocol.
  • Total Principal: The primary attacker's borrowing reached approximately $9.05 million based on HBAR trading at $0.06998.

Eight seconds after the false price was recorded, the attacker executed the massive borrowing transaction. The manipulated price remained active for 45 minutes until legitimate oracle publishing restored SAUCE to approximately 0.1964 HBAR at 01:36 UTC. Bonzo Lend paused the protocol five minutes later.

Why Did the Oracle Verification System Fail?

The vulnerability lay in how Supra, the oracle provider, verified price updates. According to Bonzo's investigation, the oracle verifier accepted the manipulated SAUCE price update even though it contained a zeroed signature rather than a valid signature from the authorized oracle committee.

Specifically, both the signature point and the referenced committee public key resolved to zero, allowing the cryptographic check to incorrectly return a valid result. This is a critical flaw because price oracles are supposed to validate that updates come from trusted sources before accepting them. When that validation breaks down, attackers can inject false pricing data directly into the protocol.

Bonzo identified Supra as the source of the vulnerability and noted that Supra acknowledged the issue and deployed a fix to the affected verifier contract on Hedera mainnet. However, the damage had already been done by the time the fix was implemented.

How Did Attackers Move the Stolen Funds?

On-chain investigator Specter initially detected the incident by tracking cross-chain fund movements. The attacker began bridging assets from Hedera to Ethereum through LayerZero, a cross-chain messaging protocol, with some wrapped Bitcoin later converted into ETH.

By the time Specter's initial report, over $3.7 million had already been bridged to Ethereum. The receiving wallets held ETH and WBTC (wrapped Bitcoin), with portions of the wrapped Bitcoin exchanged for ETH after crossing the network. However, LayerZero itself was not the source of the vulnerability; it simply served as the route for moving stolen assets.

A second wallet borrowed approximately $1 million while the manipulated price remained active. That wallet later contacted Bonzo, identified itself as a white-hat responder (a security researcher acting in good faith), and stated its intention to return the assets. Bonzo excluded this amount from its headline impact figure, though total borrowing during the abnormal pricing period reached approximately $10.06 million.

How to Understand Oracle Attacks in DeFi?

Oracle attacks have become one of the most persistent security challenges in decentralized finance. Unlike traditional finance, blockchain protocols cannot independently determine asset prices. Instead, they rely on external data providers called oracles to supply real-time pricing information. When those price feeds become compromised, the consequences can be severe.

  • Why Oracles Are Attractive Targets: Attackers often target external infrastructure rather than smart contract logic itself, avoiding the need to find coding errors inside lending protocols and instead manipulating the pricing mechanisms that determine collateral values.
  • Historical Precedent: Earlier in 2026, attackers targeted YieldBlox, a decentralized lending platform on the Stellar network, using similar collateral-pricing manipulation, draining approximately $10 million after artificially inflating USTRY collateral value.
  • Recurring Pattern: DeFi has experienced numerous oracle-related exploits involving protocols such as Mango Markets and Inverse Finance, where manipulated price feeds enabled attackers to borrow or withdraw funds unfairly.

Modern DeFi protocols have increasingly adopted defensive measures including multi-source oracle networks, time-weighted average pricing (TWAP), circuit breakers, price deviation limits, and multi-signature verification systems. However, every additional integration introduces new potential attack surfaces.

What Does This Mean for DeFi Security in 2026?

The Bonzo incident arrives during an exceptionally difficult period for decentralized finance security. Industry reports show that the second quarter of 2026 recorded the highest number of DeFi exploits on record, with 83 separate security incidents and approximately $755 million stolen.

Across the first half of 2026, blockchain analytics platform CryptoRank tracked 121 hacking incidents and nearly $942 million in total losses. Cross-chain bridge attacks accounted for roughly $351 million in losses, while administrator compromises and fake token price manipulation together represented around 37% of all quarterly losses.

The broader impact on investor confidence has been measurable. DeFi's Total Value Locked (TVL), the amount of cryptocurrency deposited in lending and trading protocols, declined from approximately $115 billion in January to just over $70 billion in June, representing a drop of nearly 39%. Although broader market conditions have also influenced capital flows, repeated security breaches continue to weigh heavily on investor confidence.

Bonzo cautioned that the $9.05 million estimate represents borrowed principal rather than a final loss calculation. It does not include interest, transaction fees, subsequent swaps, market-price changes, or any assets later recovered. Bonzo Lend and Bonzo Points remain paused while the team evaluates recovery and withdrawal plans. Other Bonzo products, including Bonzo Vaults, Bonzo Bridge, and single-sided BONZO and XBONZO staking, were not affected and continued operating normally.

The incident reinforces a critical lesson the industry has learned repeatedly: most modern DeFi protocols spend enormous resources auditing smart contracts, yet many exploits originate outside the contracts themselves. Price oracles have effectively become the foundation of decentralized lending. If they fail, even briefly, entire protocols can become vulnerable regardless of how secure their core code may be. As institutional participation in DeFi grows, confidence will increasingly depend not only on blockchain security but also on the reliability of every supporting infrastructure layer.