
An attacker drained ~$9M from Bonzo Lend on Hedera by exploiting a verifier that accepted an invalid price update. Supra patched the bug, but the incident exposes risks in on-demand oracle setups.
Alpha Score of 39 reflects weak overall profile with poor momentum, weak value, strong quality, moderate sentiment.
An attacker drained roughly $9 million from Bonzo Lend on Hedera early Saturday by exploiting a flaw in the protocol's on-demand oracle verifier, according to posts from the project and blockchain security firms.
The exploit hit around 00:51 UTC on July 11. The attacker submitted a price update that inflated the value of SAUCE, a long-tail token, by roughly 12 orders of magnitude. The verifier contract accepted the update even though it carried an invalid or zeroed signature. Downstream, the lending protocol treated the collateral as massively valuable and allowed outsized borrowing against it, Crypto Times reported.
Bonzo Finance attributed the incident to a flaw in Supra's on-chain oracle verifier on Hedera. The verifier is supposed to check that a price update carries a valid signature from an authorized signer. In this case, it did not. Supra acknowledged the issue and deployed a fix to the verifier contract on Hedera mainnet, Bonzo said in a statement cited by CryptoBriefing.
On-demand oracle setups let users request or submit a price update when a trade or borrow needs it, rather than waiting for a periodic push. That design improves latency. It also makes the verifier the last line of defense. If the verifier accepts a malformed payload, downstream lending logic sees a price, not a lie.
Early tallies from on-chain watchers put the haul near $10 million before a white-hat return was excluded. The attacker borrowed roughly 6.63 million USDC and about 34.5 million wrapped HBAR during the window, BeInCrypto reported. About $5.25 million was bridged to Ethereum and swapped into WBTC and ETH within hours, according to Crypto Times and on-chain data flagged by Specter and PeckShield.
Bonzo paused the protocol after the exploit. Supra's fix addresses the specific verifier bug. The incident highlights a broader risk: oracle verifier assumptions are often under-scrutinized in audits. Teams that use similar on-demand verifier logic on other chains should review their deployments, security analysts said.
In an on-demand model, the verifier should reject any update with a missing or zeroed signature, a signer not in the active set, a timestamp outside an expiry window, a non-incrementing nonce, or a deviation that exceeds configured bounds unless a multi-signer quorum clears it. The Bonzo case reads like the very first line failed: a malformed or invalid signature was treated as valid, CryptoBriefing reported.
Prices do not need to be "true" to pass. They need to be correctly attested. That is why verifier assumptions feel invisible during audits. Everyone stares at the math downstream while the attestation gate gets a cursory glance.
For lenders, the incident reinforces a few practical points. Stick to markets with deep liquidity and conservative caps. Check whether a protocol uses multiple price sources or has deviation checks at the app layer. Monitor official channels for pause notices. Assume long-tail collateral can go wrong in surprising ways.
Supra moved to patch the verifier that misbehaved on Hedera. Bonzo paused then began triage right after the event. Expect more reviews across other chains that use similar verifier logic. Expect lenders to yank or cap long-tail collateral. Expect more cross-chain freezes if flagged addresses try to move size.
Verification paths, signer rotation, and payload formats will get more ink in audits. The surface area is small and testable. Simulate malformed signatures. Fuzz timestamps and nonces. Require proofs that a verifier rejects garbage every time.
That might look like tighter LTVs, variable interest spikes during stress, and slower listings for new tokens. It is not fun. It is an honest response when a nine million hit arrives through a gate that was supposed to be simple.
Do not assume a single contract fix ends it. The failure was an assumption, not just a line of code.
The immediate break happened in the oracle verifier. It accepted a price update with a zeroed or invalid signature, which should have been rejected. The lending protocol then processed that price as if it were real. Both layers matter. The key misstep was at verification, CryptoBriefing reported.
The attacker submitted an on-demand price update inflating SAUCE by roughly 12 orders of magnitude. Because the verifier accepted it, the app believed the collateral was massively valuable and allowed outsized borrowing against it, BeInCrypto reported.
Reports cited around 6.63 million USDC and about 34.5 million wrapped HBAR drawn during the window, with the total near 10.06 million before a white-hat piece was excluded. Roughly 5.25 million was bridged to Ethereum and swapped into assets like WBTC and ETH soon after, BeInCrypto and Crypto Times reported.
Yes. Bonzo said Supra acknowledged the verifier issue and deployed a fix to the affected verifier contract on Hedera mainnet. That addresses the specific bug path. Broader reviews are still prudent.
If the same verifier logic was deployed elsewhere without the fix, similar risk could exist. Many providers tailor deployments per chain, so impact can vary. Teams should inventory where the same verifier code runs and patch with urgency.
Stick to markets with deep liquidity and conservative caps. Check whether a protocol uses multiple price sources or has deviation checks at the app layer. Monitor official channels for pause notices. Assume long-tail collateral can go wrong in surprising ways.
It is complicated. Addresses are flagged, which helps some venues block redemptions. On-chain swaps into liquid assets make straight-line recovery harder. Negotiations or partial clawbacks are possible. Far from guaranteed.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Prepared with AlphaScala editorial tooling from the source reporting linked above. Indexable analysis may include a cited Alpha Score value. Publishing checks screen each story before release. Educational coverage, not personalized advice.