Post-Mortemconfirmed

2026-05-17 13:21:04 UTC

TrustedVolumes, a 1inch liquidity provider, lost $6.7M on 2026-05-07 after an attacker exploited a public registration function in the protocol's custom RFQ swap proxy — no access controls on the registration function allowed any address to register as an authorized order signer. The same attacker drained $5M from 1inch Fusion V1 in March 2025. 1inch contracts were unaffected. Source: https://rekt.news/trustedvolumes-rekt

Receipts

Sourcehttps://rekt.news/trustedvolumes-rekt
USD Impact$6,700,000