A significant vulnerability in Yearn Finance’s yETH pool on Ethereum has enabled an attacker to drain about $9m in assets.
According to new findings released by Check Point Research (CPR), the flaw in the pool’s internal accounting allowed the perpetrator to mint 235 septillion yETH tokens after depositing only 16 wei, worth roughly $0.000000000000000045 at the time of the attack.
A Complex Exploit
The cybersecurity researchers said a critical oversight in the pool’s cached storage system created the opening.
The yETH pool uses stored virtual balances, known as packed_vbs[], to reduce gas costs during operation.
When all liquidity was removed from the pool, the main supply counter reset to zero, but the cached values did not. This desynchronization led the protocol to believe the pool was empty even though leftover phantom balances remained in storage.
The attacker took advantage of this by repeatedly cycling deposit and withdrawal transactions through flash loans. Each pass left behind small residual virtual balances that accumulated over time.
After completely emptying the pool, the attacker deposited tiny amounts across eight supported tokens. The protocol interpreted the action as a first-time deposit and minted tokens based on the inflated cached values instead of the negligible input.
Read more on Ethereum-related attacks: DeFi Protocol Balancer Loses Over $120m in Cyber Heist
How the Breach Unfolded
The intrusion progressed in six distinct phases:
-
Borrowing assets through flash loans
-
Polluting stored virtual balances with repeated deposit-withdrawal cycles
-
Burning all LP tokens to drop the supply to zero
-
Depositing 16 wei across the pool to trigger the flawed “first deposit” logic
-
Swapping the newly minted yETH for underlying assets
-
Converting proceeds to ETH, repaying loans and laundering funds
The attacker ultimately exchanged the stolen LSD assets, including wstETH, rETH and cbETH, into ETH through various DEXs before routing a portion through Tornado Cash.
CPR noted that the incident underscores the risk created by complex AMM mechanics and gas-saving optimizations.
“For defenders, this exploit reinforces that correctness in complex systems requires explicit handling of ALL state transitions, not just the happy path,” they said.
The company added that the breach could have been prevented with transaction simulation, sequence-level monitoring and automated blocking of abnormal minting behavior.
