Commissioned, curated and published by Russ. Researched and written with AI.


What’s New

Initial publication. The incident occurred on 24 March 2026. Validator-coordinated freezing of stolen XLM is still ongoing; final recovery figures are not yet confirmed.


Changelog

Date         Summary
24 Mar 2026  Initial publication.

The Reflector oracle on Stellar had one job: tell Blend V2 what USTRY was worth. On 24 March 2026, it reported a price roughly 100 times higher than reality. Blend V2 believed it. Someone walked out with $10.97 million.

There was no vulnerability in the smart contract logic. The oracle read a real market. The market just had less than a dollar in hourly volume.

The Setup

YieldBlox is Script3’s lending protocol, built on Stellar’s Blend V2 platform. Like any lending protocol, users deposit collateral and borrow against it. The collateral’s value determines the borrowing limit.

USTRY – a yield-bearing US Treasury stablebond issued by Etherfuse – was listed as eligible collateral. The Reflector oracle priced it using the USTRY/USDC market on the Stellar DEX. That market had less than $1 in hourly volume.

No minimum liquidity threshold before trusting the market. No sanity check against an external reference price. No circuit breaker on unusual price movements. The oracle read the market and reported what it saw.

The Attack

The attacker deposited approximately 153,000 USTRY in two rounds – worth roughly $160,000 at real market prices. That collateral, correctly valued, would support around $120,000 in borrowing. Not interesting.

Then the attacker made a single trade in the USTRY/USDC market and pumped the price approximately 100x. A market with less than a dollar in hourly volume doesn’t require significant capital to move. The order book was thin enough that one trade could reset the price entirely.

The Reflector oracle read the new price and reported it as current. Blend V2 accepted the updated collateral valuation. Suddenly 153,000 USTRY – still worth $160,000 in the real world – appeared to be worth roughly $16 million on paper.

The attacker borrowed $10.97 million in XLM and USDC against the inflated collateral and moved it out. The USTRY stayed behind as “collateral.” It was never stolen. It was the key.

The Response

Stellar Tier 1 Validators moved to freeze approximately 48 million XLM – roughly 80% of the stolen native tokens. The Security Council sent an on-chain message offering a bounty. The attacker continued laundering.

The response was fast and coordinated. It recovered a significant portion. It also highlights something structurally unusual about Stellar: validators can freeze funds in a way most blockchain networks cannot. Whether that capability is reassuring or unsettling depends on your threat model.

YieldBlox had been building on Stellar since 2022. Three years of development ended with an attack requiring no code exploit, no zero-day, and no insider access.

The Structural Question

Oracle manipulation is a known attack class. The defences are equally well-known: minimum liquidity thresholds before trusting a market, time-weighted average pricing to smooth single-trade manipulation, circuit breakers that reject prices deviating beyond a threshold from recent history, and multi-source feeds that require agreement across independent oracles.

None of this requires novel engineering. It requires treating oracle input as untrusted external data and applying the same defensive discipline you’d apply to any external input feeding a system with financial consequences.

The USTRY/USDC market had less than $1 in hourly volume. Any of those defences would have either flagged the market as ineligible for collateral pricing or refused to accept a 100x price move as valid input.
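The four defences above, written out as a single price-validation step and replayed over constructed trade histories. This is an added example, not code from Reflector, Blend V2 or YieldBlox; the thresholds (a $10,000 hourly volume floor, a 20% deviation limit, a 5% cross-source spread) are assumed values for illustration, and every trade and external quote below is constructed to mirror the shape of the incident, not taken from the chain.

```python
"""Oracle price guard for a lending-protocol collateral feed.

Added example, not code from Reflector, Blend V2 or YieldBlox. It applies the
four defences the article names (liquidity floor, time-weighted reference,
deviation circuit breaker, multi-source agreement) to constructed trade
histories. Thresholds are assumed values, not any protocol's real parameters.
"""
from dataclasses import dataclass
from statistics import median
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Trade:
    ts: int         # unix seconds
    price: float    # quote per base, e.g. USDC per USTRY
    volume: float   # notional traded, in quote units


@dataclass(frozen=True)
class GuardConfig:
    min_hourly_volume: float = 10_000.0  # assumed: market must trade this much per hour
    max_deviation: float = 0.20          # assumed: reject a print >20% away from the TWAP
    max_source_spread: float = 0.05      # assumed: independent feeds must agree within 5%
    window: int = 3600                   # look-back for volume and TWAP, in seconds


def _history(trades: List[Trade], candidate: Trade, window: int) -> List[Trade]:
    """Trades strictly before the candidate print, within the look-back window."""
    return sorted((t for t in trades if candidate.ts - window < t.ts < candidate.ts),
                  key=lambda t: t.ts)


def twap(history: List[Trade], end: int) -> Optional[float]:
    """Time-weighted average: each price counts for the seconds it stood as the
    latest print, up to the next print (or `end` for the last one)."""
    if not history:
        return None
    weighted = 0.0
    for i, t in enumerate(history):
        nxt = history[i + 1].ts if i + 1 < len(history) else end
        weighted += t.price * (nxt - t.ts)
    return weighted / (end - history[0].ts)


def validate_price(trades: List[Trade], reference_feeds: List[float],
                   cfg: GuardConfig = GuardConfig()) -> Tuple[Optional[float], Optional[str]]:
    """Decide whether the newest on-chain print may be used as a collateral price.

    Returns (price, None) on success or (None, reason) on rejection. Volume and
    TWAP are computed over prints *before* the candidate, so a manipulating
    trade can neither make the market look liquid nor drag its own reference.
    """
    candidate = max(trades, key=lambda t: t.ts)   # what a naive oracle would report
    history = _history(trades, candidate, cfg.window)

    volume = sum(t.volume for t in history)
    if volume < cfg.min_hourly_volume:
        return None, f"market ineligible: {volume:.2f} traded in window, need {cfg.min_hourly_volume:.0f}"

    reference = twap(history, candidate.ts)
    if reference is None:
        return None, "circuit breaker: no price history to compare against"
    deviation = abs(candidate.price - reference) / reference
    if deviation > cfg.max_deviation:
        return None, f"circuit breaker: print {candidate.price} is {deviation:.0%} from TWAP {reference:.4f}"

    quotes = [candidate.price, *reference_feeds]
    mid = median(quotes)
    spread = max(abs(q - mid) / mid for q in quotes)
    if spread > cfg.max_source_spread:
        return None, f"sources disagree: quotes {quotes} spread {spread:.1%} around {mid:.4f}"
    return mid, None


NOW = 10_000  # constructed clock; all timestamps below are relative to it

THIN_MARKET = [  # constructed: under $1 of hourly volume, then a single 100x print
    Trade(NOW - 3000, 1.04, 0.20),
    Trade(NOW - 1500, 1.04, 0.30),
    Trade(NOW - 100, 104.0, 5_000.0),
]


def liquid_history(final_price: float) -> List[Trade]:
    """Constructed: a market printing $5,000 every ten minutes near 1.04."""
    prices = [1.04, 1.05, 1.04, 1.03, 1.04, 1.04]
    trades = [Trade(NOW - 3500 + 600 * i, p, 5_000.0) for i, p in enumerate(prices)]
    return trades + [Trade(NOW - 100, final_price, 5_000.0)]


def scenarios():
    feeds = [1.04, 1.05]  # constructed quotes from two independent reference feeds
    return {
        "thin market, 100x print": validate_price(THIN_MARKET, feeds),
        "liquid market, 100x print": validate_price(liquid_history(104.0), feeds),
        "liquid market, normal print": validate_price(liquid_history(1.04), feeds),
        "liquid market, faulty external feed": validate_price(liquid_history(1.04), [1.20, 1.04]),
    }


if __name__ == "__main__":
    for name, (price, reason) in scenarios().items():
        verdict = f"accepted {price:.4f}" if reason is None else f"REJECTED: {reason}"
        print(f"{name:36} -> {verdict}")
```

Two design points worth noting. The liquidity floor and the TWAP are both computed from prints that precede the candidate, so the size of a manipulating trade cannot make a dead market look eligible, and a single print cannot pull its own reference; an attacker would have to hold the price across the entire window in a market deep enough to pass the floor, which is where the cost comes from. The final price is the median across the on-chain print and the external feeds, so the last check also rejects a faulty or stale external feed rather than trusting any one source.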

The oracle trusted a $1 market because nobody asked whether it should. That question belongs in the asset-listing process – before collateral goes live, not after the funds are gone.

Sources: rekt.news, QuillAudits, PoC