Bonzo Lend, a lending protocol on the Hedera mainnet, has paused operations following an oracle exploit on July 11, 2026, leading to an estimated lack of $9 million. Bonzo acknowledged that the incident stemmed from the verification layer of a third-party oracle, whereas Bonzo Lend’s core contracts functioned precisely as designed.
What Occurred
In keeping with Bonzo’s incident report, the exploit started round 00:51 UTC on July 11, 2026, when a pockets recognized as Pockets A submitted a worth replace to a third-party on-demand oracle system on the Hedera mainnet. The submitted worth involved the SAUCE/wHBAR pair and was closely manipulated in comparison with the precise market charge. Bonzo famous that this knowledge didn’t replicate regular market fluctuations, as the value of SAUCE remained comparatively unchanged throughout the identical timeframe.
Simply seconds after the wrong worth was recorded on-chain, Pockets A used a tiny quantity of SAUCE as collateral to borrow property at a scale that vastly exceeded the precise worth of the collateral. In different phrases, the system considered the collateral as if it have been value considerably greater than its precise worth, thereby triggering the extreme borrowing.
How the Oracle Exploit Labored
The technical core of this incident lies inside Oracle’s signature verification layer. Bonzo acknowledged that whereas they make the most of each Supra and Chainlink on Hedera, most asset costs inside the ecosystem are offered by Supra utilizing a “push” mannequin. Merely put, Supra’s oracle committee indicators and pushes costs on-chain, whereas Bonzo Lend merely reads the saved knowledge to calculate the worth of collateral and loans.
Bonzo clarified that no legitimate oracle signatures have been cast, and the precise market worth of SAUCE didn’t fluctuate considerably sufficient to elucidate the divergence seen on-chain. As a substitute, the contract verifier accepted an invalid submission as a result of a essential safety examine was not correctly executed.
In keeping with the most recent report, the information submitted by Pockets A to the oracle contract included a committee ID, a committee hash, and a zeroed-out signature. A correct verifier ought to have blocked this on the very first step, even earlier than the pairing examine. Nonetheless, on this case, the system handed the information into the BLS pairing examine on the Hedera precompile. As a result of each the signature level and the referenced public key have been zeroed out, the pairing examine returned true primarily based on the mathematical logic of the offered enter, leading to a validation that was incorrect in context.
Bonzo additionally emphasised that this was not a flash-loan assault, nor was it market manipulation within the standard sense, and it was not attributable to a bug in Bonzo Lend’s core contracts.
Losses and Protocol Affect
Bonzo estimates the first loss from Pockets A to be roughly $9.05 million, calculated primarily based on the principal withdrawn through the exploit transaction. This determine doesn’t embody accrued curiosity, transaction charges, subsequent worth fluctuations, or any probably recoverable property.
When factoring in Pockets B, the full worth borrowed through the irregular window may attain roughly $10.06 million. Nonetheless, Bonzo separated this pockets from the full loss, stating that its proprietor proactively contacted the staff as a white-hat responder and dedicated to returning the property.
Bonzo’s disclosed loss breakdown. Supply: Bonzo Lend
Pockets A deposited 250 SAUCE and subsequently borrowed 6,634,528.202695 USDC and 34,518,389.36109841 wHBAR. This sequence demonstrates that the borrower withdrew property vastly exceeding the worth of the deposited collateral. The influence on the protocol was quick, with Bonzo Lend being paused at 01:41 UTC and Bonzo Factors being paused at 05:50 UTC.
How Bonzo and Hedera Responded
Bonzo paused Bonzo Lend instantly after the incident to mitigate additional threat, whereas additionally publishing a technical report detailing the timeline and related on-chain references. Within the report, the staff made it clear that the difficulty originated on the oracle layer, not inside Bonzo Lend’s logic.
Hedera additionally voiced its help for Bonzo, confirming that the mainnet continues to function usually. In keeping with Hedera’s message, the vulnerability lay in an upstream oracle layer, and the community’s core providers weren’t compromised. Bonzo famous that Supra acknowledged the incident and deployed a repair for the affected verifier contract on the Hedera mainnet.
Bonzo acknowledged that Pockets B proactively contacted the staff as a white-hat responder and dedicated to returning the property, although the ultimate recovered quantity has not but been introduced.
What Comes Subsequent for Bonzo Lend
The pausing of Bonzo Lend leaves customers briefly unable to make use of the protocol usually, whereas liquidity suppliers should look ahead to additional updates concerning withdrawal availability and the restoration course of. The staff acknowledged they’re persevering with to work with the Bonzo Finance Basis and companions to deal with the restoration course of associated to Pockets B, in addition to to find out the required situations to soundly reopen the protocol. At the moment, Bonzo is finalizing its complete overview of the incident and the patches on the oracle verification layer earlier than releasing a brand new timeline for resumption.








