Bitcoin-based decentralized finance platform Solv Protocol confirmed that one of its structured vaults suffered a limited exploit that drained roughly $2.7 million in digital assets. The incident affected fewer than 10 users and involved about 38.0474 SolvBTC, a token pegged to Bitcoin.
The team disclosed the incident in a public statement on X. The protocol said the exploit targeted one of its Bitcoin Reserve Offering (BRO) vaults, which forms part of its yield infrastructure. The company promised reimbursement for the affected users and assured the broader community that the rest of the system remained intact.
"All other vaults and user funds remain secure and unaffected," the project said in its incident update.
Incident Update: BRO Vault
— Solv Protocol (@SolvProtocol) March 5, 2026
A limited exploit occurred in one of our BRO vaults, affecting a very small number of users (<10).
The impacted amount is 38.0474 SolvBTC.
All other vaults and user funds remain secure and unaffected. We're actively investigating with top security…
Exploit drained roughly 38 SolvBTC
The exploit removed approximately 38 SolvBTC from the affected vault. SolvBTC represents Bitcoin deposited into the protocol and serves as the backbone for lending, borrowing, and staking activity across multiple chains within the platform’s ecosystem.
According to the project, fewer than 10 users held funds in the affected vault. Solv confirmed that it will cover the losses linked to the incident.
The platform manages a large Bitcoin reserve on-chain. Solv reports holdings of 24,226 Bitcoin, worth more than $1.7 billion at current prices. The protocol positions itself as a Bitcoin yield platform that allows users to deploy BTC into decentralized finance strategies through tokenized assets.
Researchers identify possible smart contract flaw
The protocol has not released a full post-mortem of the incident. However, independent security researchers described how the exploit may have occurred.
According to CD Security co-founder Chris Dior, the attacker executed a vulnerability multiple times before converting the proceeds into SolvBTC. Dior said the attacker triggered the exploit 22 times and then exchanged hundreds of millions of minted tokens for slightly more than 38 SolvBTC.
🚨JUST IN:@SolvProtocol exploited for ~$2.7M due to a double-mint bug.
— chrisdior.eth (@chrisdior777) March 5, 2026
An ERC3525 mint triggered an ERC721 callback that minted BRO twice.
The attacker looped burn -> mint 22 times, inflating 135 BRO to 567M BRO before swapping for ~38 SolvBTC.
Alert: @DefimonAlerts pic.twitter.com/16Vjpe2lFZ
Automated monitoring from security firm Decurity identified a possible double-minting vulnerability within the Bitcoin Reserve Offering smart contract. The vulnerability allowed the attacker to inflate a small number of tokens into hundreds of millions before swapping them for SolvBTC.
The monitoring system recorded the attacker converting roughly 135 BRO tokens into approximately 567 million BRO tokens before the swap.
A pseudonymous blockchain researcher known as Pyro described the exploit as a reentrancy attack. This type of vulnerability allows repeated interactions with a smart contract before internal balances update properly.
Reentrancy attacks remain one of the most persistent risks in decentralized finance. Smart contracts rely on automated code to manage assets, which means vulnerabilities can allow attackers to manipulate accounting logic.
Security partners alerted the team
Solv credited several blockchain security companies for helping identify the issue quickly. The team said alerts from Hypernative, SlowMist and CertiK enabled a rapid response.
"Special thanks to HypernativeLabs, SlowMist_Team, and CertiK for promptly alerting us—enabling rapid response," the project wrote.
The protocol said it has implemented additional safeguards to prevent similar exploits. Engineers continue to investigate the root cause while working with security partners.
Hacker offered 10% white hat bounty
Solv also addressed the attacker directly. The project offered a white hat bounty equal to 10% of the stolen funds if the assets return voluntarily.
"To the exploiter: We offer a 10% white hat bounty if you return the funds promptly," the project wrote.
The team published an Ethereum address and asked the attacker to respond through an on-chain message or direct communication.
Blockchain records show no response from the attacker at the time of publication, according to data visible on Etherscan.
DeFi exploits continue across the sector
The incident adds to a series of attacks that targeted decentralized finance platforms in recent months. Vulnerabilities in smart contracts remain a common entry point for attackers who exploit coding errors or economic weaknesses in protocol design.
Solv said the exploit remained contained within a single vault and did not affect its broader system or other user funds. The protocol emphasized that compensation will cover all losses linked to the incident.
"Your funds are safe—thank you for your trust as we strengthen the protocol," the project said in its update.
A detailed post-incident report has not yet been released.
Oleksii Shumak
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that, despite the nature of much of the material created and hosted on this website, HODL FM operates as a media and informational platform, not a provider of financial advisory services. The opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice, HODL FM strongly recommends contacting a qualified industry professional.
