Commissioned, Curated and Published by Russ. Researched and written with AI.
What’s New
| Date | Update |
|---|---|
| 28 Mar 2026 | Initial publication. |
On March 5, 2026, someone fed 135 BRO tokens into Solv Protocol’s BitcoinReserveOffering contract and walked out with 567 million. The transaction looped 22 times. Total cost to Solv: 38 SolvBTC, worth $2.73 million.
The mechanism is a classic reentrancy variant. The BitcoinReserveOffering contract issued tokens and then fired a callback to the recipient before updating its own internal accounting. The attacker’s contract used that window – between receiving tokens and the contract recording the transaction – to call back in and claim another allocation. Repeat 22 times. The contract kept handing out tokens because, as far as it knew, the first issuance hadn’t happened yet.
Fewer than 10 users were affected by the resulting drain. Solv has said it will cover the losses. The attacker skipped the offered 10% white hat bounty and routed the funds to RailGun, the privacy protocol that makes tracing considerably harder.
The BitcoinReserveOffering contract had shipped without an audit and without bug bounty coverage.
The Oldest Trick in the Book
That last sentence deserves a moment. Solv Protocol describes itself as the “largest on-chain Bitcoin reserve.” As of March 5th it held hundreds of millions in user funds. And it deployed new contracts – in production, on mainnet, holding real money – without an audit, and without the defensive layer that a bug bounty programme provides.
Reentrancy is not a novel attack. The DAO hack in 2016 ran the same fundamental pattern. The fix is well-understood: update your state before making external calls, or use a reentrancy guard. It appears on page one of every serious smart contract security checklist. An auditor would have flagged it. A bug bounty researcher probably would have found it. Neither got the chance.
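To make the ordering problem concrete, the sketch below is an added illustration written for this article, not Solv's BitcoinReserveOffering code: the contract names, the `onTokensIssued` hook and the flat per-participant allocation are assumptions. The first contract shows the pattern described above (issue tokens, notify the recipient, only then record the allocation); the second applies both fixes named here, effects before interactions plus a reentrancy guard.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical recipient hook. The name is assumed; any callback that runs
// recipient code before the issuer has updated its state has the same effect.
interface IOfferingRecipient {
    function onTokensIssued(uint256 amount) external;
}

// VULNERABLE: the callback fires while `allocated` still reads zero, so a
// recipient contract that re-enters claim() from inside the hook passes the
// require() again and is issued another allocation each time.
contract VulnerableOffering {
    uint256 public constant ALLOCATION = 1000e18;   // assumed per-participant cap
    mapping(address => uint256) public allocated;    // what the contract thinks it has issued
    mapping(address => uint256) public balances;     // tokens actually credited

    function claim() external {
        // Check
        require(allocated[msg.sender] == 0, "already claimed");

        // Issue tokens, then hand control to the recipient (interaction)...
        balances[msg.sender] += ALLOCATION;
        if (msg.sender.code.length > 0) {
            IOfferingRecipient(msg.sender).onTokensIssued(ALLOCATION);
        }

        // ...and only now record it (effect). Every nested call made from
        // inside the hook reached this line's require() before this write.
        allocated[msg.sender] = ALLOCATION;
    }
}

// HARDENED: state is written before the external call (checks-effects-
// interactions), and a mutex rejects any nested entry outright.
contract HardenedOffering {
    uint256 public constant ALLOCATION = 1000e18;
    mapping(address => uint256) public allocated;
    mapping(address => uint256) public balances;
    uint256 private locked = 1;                      // 1 = free, 2 = entered

    modifier nonReentrant() {
        require(locked == 1, "reentrant call");
        locked = 2;
        _;
        locked = 1;
    }

    function claim() external nonReentrant {
        // Check
        require(allocated[msg.sender] == 0, "already claimed");

        // Effects first: a re-entrant call now fails the check above even
        // without the guard.
        allocated[msg.sender] = ALLOCATION;
        balances[msg.sender] += ALLOCATION;

        // Interaction last, and behind the guard.
        if (msg.sender.code.length > 0) {
            IOfferingRecipient(msg.sender).onTokensIssued(ALLOCATION);
        }
    }
}
```

Either fix alone closes the window; using both is the usual recommendation, because the guard also protects against cross-function re-entry that a single reordered function cannot see. A reviewer or auditor checks this by looking at every external call or hook in the contract and asking whether all state that the function's own checks depend on has been written before that call.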
Third Time
March 2026 is not Solv’s first time here.
January 2025: Solv’s official Twitter account was compromised and used to push phishing links to its followers. The communications channel for the self-described largest on-chain Bitcoin reserve was under someone else’s control for a period.
Late 2025: Solv’s TVL figures were found to contain accounting errors that significantly overstated assets under management. Rekt.news described it as “bad math homework.” The numbers were corrected.
March 2026: An unaudited contract, a reentrancy callback, $2.73M drained.
Each time, the response follows the same structure. A statement goes out. The incident is framed as limited in scope. Affected users are told they will be made whole. The language lands somewhere between “contained” and “resolved.”
Three incidents in 14 months. The first was an operational failure. The second was a data integrity failure. The third is a code security failure on a contract that was never reviewed.
What they share is not bad luck. It’s the absence of controls that exist specifically to prevent these outcomes.
What “Unaudited” Actually Means at Scale
An audit is not a guarantee. Bug bounties don’t catch everything. But they represent a deliberate choice – to have your code reviewed by someone whose job is to find the flaw before an attacker does. Skipping both, on a contract holding access to Bitcoin reserves, is not a neutral engineering decision. It’s a bet that the code is right.
The question worth asking is not whether any individual failure was foreseeable. It’s why a protocol holding this much in user assets keeps shipping without the controls that the rest of the industry treats as baseline.
Solv’s pattern – incident, statement, coverage, repeat – suggests the answer to that question is financial rather than technical. It is cheaper, until it isn’t, to ship fast and cover losses than to audit first. The maths held for 14 months. On March 5th it stopped.
When you hold other people’s Bitcoin, “we’ll cover the losses” is not a security posture. It’s a consequence.
Sources: Rekt News – The Block – QuillAudits