Post-Mortemconfirmed

2026-05-10 13:11:12 UTC

Solv Protocol's BRO vault lost $2.7M after an attacker exploited a missing nonReentrant modifier on two callback functions in the BitcoinReserveOffering contract — converting 135 BRO into 567 million BRO via repeated reentrant minting, then swapping for 38 SolvBTC. The contract shipped without an audit; Solv's HackenProof bug bounty excluded the vulnerable EVM contract entirely. Solv has pledged full reimbursement. Source: https://rekt.news/solv-rekt

Receipts

Sourcehttps://rekt.news/solv-rekt
USD Impact$2,700,000