1inch Resolver TrustedVolumes Drained for $6.7M on Ethereum

TrustedVolumes serves as a market‑making resolver for 1inch Fusion and several other DeFi protocols, handling custom request‑for‑quote swaps. The recent exploit siphoned about $6.7 million, comprising roughly 1,300 wrapped Ether (≈$2.3 million), 17 wrapped Bitcoin (≈$500,000), and over $1.5 million in USDT/USDC stablecoins. Blockaid’s analysis points to the same threat actor that orchestrated the March 2025 1inch Fusion V1 hack, but the vulnerability lay in a separate proxy contract under TrustedVolumes’ control, illustrating how attackers can pivot across related codebases.

The incident reignited scrutiny over DeFi’s reliance on third‑party liquidity providers. While 1inch’s co‑founder Sergej Kunz emphasized that the aggregator’s infrastructure remained untouched, the breach underscores the systemic risk posed by external resolvers that lack the same security rigor as core protocol contracts. Bug bounty negotiations that recovered funds from the earlier March attack suggest that coordinated community responses can mitigate losses, yet the recurring nature of such exploits signals gaps in audit coverage and incentive structures for continuous monitoring.

April’s record‑setting 28 hacks, totaling $635 million, reflect a broader trend of increasingly sophisticated attacks targeting cross‑protocol bridges, lending platforms, and market makers. As DeFi scales, stakeholders are calling for standardized security certifications, real‑time anomaly detection, and insurance solutions that can cushion user exposure. The TrustedVolumes breach serves as a cautionary tale: without robust, protocol‑wide safeguards, even well‑funded market makers remain vulnerable, potentially eroding confidence in the broader decentralized finance ecosystem.