Audited, Tested, and Still Broken: Smart Contract Hacks of 2025

2025 was a year of smart contract exploits. Protocols that passed multiple audits, protocols that had been battle-tested for years, protocols built by teams with deep security expertise. They all fell victim to attacks that revealed something uncomfortable: we’re getting better at finding traditional bugs, but we’re still missing fundamental flaws in how protocols think about economics, mathematics, and system design.

This retrospective examines the most technically interesting incidents of the year, ordered by what they teach us about smart contract security. We’ll explore how economic invariant violations let attackers mint infinite tokens, how precision errors in AMM math turned tiny rounding mistakes into million-dollar exploits, and how system boundary failures exposed vulnerabilities that no single-component audit could catch.

The Standouts: Deep Protocol Failures

These hacks reveal fundamental issues in protocol design, failures that go beyond simple mistakes and touch on core assumptions about how DeFi systems should work.

Yearn Finance: Legacy Infrastructure Exploits ($9.3M total)

December 2025

Yearn Finance suffered two related exploits in December 2025, both targeting legacy infrastructure that remained on-chain after protocol upgrades.

First exploit: Economic Invariant Violation ($9M) — December 1

Yearn Finance’s legacy yETH stableswap pool was drained in a single transaction. The attacker found a flaw in the share calculation logic that allowed minting a near-infinite number of yETH tokens. About 1,000 ETH (worth around $3 million) was sent to Tornado Cash.

The attacker found an edge case in the stableswap formulas where share calculations could be manipulated. The vulnerability existed in the accounting logic itself. When the protocol calculated shares for deposits or withdrawals, the math could be manipulated to create shares out of thin air.

Second exploit: Legacy Contract Risk ($300K) — December 17

Following the first exploit, Yearn’s V1 contracts were targeted. When protocols upgrade, old contracts don’t disappear. They remain on-chain, potentially holding value. In Yearn’s case, the V1 contracts still had funds locked in them, and those funds became a target after the first exploit drew attention to Yearn’s legacy infrastructure.

Why it matters (auditor and organizational perspective):

The first exploit shows an important gap in audit methodology. Static analysis tools don’t verify economic invariants. Fuzzers test code paths, not economic models. Audit processes need to clearly verify that accounting logic maintains intended invariants across all operation sequences.

The second exploit highlights that legacy contracts represent ongoing risk. The first exploit may have drawn attention to Yearn’s legacy infrastructure, leading to the second. Protocols need clear plans for sunsetting old contracts, migrating remaining value, and monitoring for unexpected interactions.

Mitigation: Implement invariant tests that assert share-to-value relationships hold across all operations. Use differential fuzzing to compare accounting calculations against reference implementations. Have clear deprecation strategies for legacy contracts with ongoing monitoring.

The vulnerability class: Economic invariant violation and legacy contract risk.

Deep dive: Yearn Finance DeFi Project Hacked for $9M | PeckShield Alert | Yearn Finance V1 Exploit

Balancer: Rounding Error Exploitation ($70–128M)

November 3, 2025

Small rounding errors in Balancer’s stable pool calculations were amplified through high-frequency batch swaps, resulting in a $70–128 million drain across multiple chains. Attackers executed hundreds or thousands of swaps, with each swap amplifying the previous rounding error until those tiny errors accumulated into massive value extraction.

How it worked:

Balancer’s stable pools use complicated formulas to maintain price stability. These formulas involve rounding at multiple steps. In normal operation, rounding errors are small. But attackers found a way to structure batch swaps that consistently benefited from the rounding direction, extracting value through repeated operations.

Why it matters (protocol designer perspective):

AMM math needs to be correct under adversarial conditions. Every rounding decision becomes a potential attack vector when dealing with large capital and the ability to execute many transactions quickly. Designers need to think adversarially: what happens if an attacker executes this operation a thousand times?

What audits missed: Standard audit processes tested individual swaps, not sequences of hundreds or thousands. Rounding errors were measured as less than 1 wei per swap and treated as negligible. No invariant was asserted over N repeated operations. Fuzzers without stateful sequence modeling couldn’t discover this.

Mitigation: Assert invariants that hold across repeated operations. Test with adversarial batch sizes. Use formal verification to prove rounding error bounds remain acceptable under any sequence of operations.

The vulnerability class: Mathematical precision error in AMM formulas.

Deep dive: Balancer DeFi Protocol Suffers Massive Exploit | Balancer Hack Explained with Multi-Chain Details

GMX: System Boundary Failure ($42M)

July 9, 2025

GMX, a perpetuals trading protocol that handles billions in trading volume, was exploited for $42 million. The exploit didn’t come from a bug in the core trading logic. It emerged at the boundaries between components: where oracles meet margin calculations, where liquidation logic interacts with bridge infrastructure.

How it worked:

The vulnerability existed in how these components interacted, not in any single component. When oracles update prices, margin requirements change, and liquidation logic responds. The attacker likely found a way to manipulate these interactions, perhaps by timing oracle updates with margin calculations. About $9.6 million was bridged to Ethereum immediately after the exploit, suggesting careful planning.

Why it matters (system architecture perspective):

Well-audited individual components can still fail when integrated. The vulnerability doesn’t exist in any single contract. It exists in the space between components, in how they communicate and interact. As protocols become more complicated and composable, the attack surface grows at component boundaries.

What audits missed: Traditional audit processes typically focus heavily on components in isolation. Integration testing exists, but it may not cover adversarial scenarios where an attacker can time operations across component boundaries.

Mitigation: Implement integration tests that simulate full system behavior. Use adversarial simulation frameworks that can model interactions between components. Test timing attacks where operations are sequenced to exploit component interactions.

The vulnerability class: System integration failure.

Deep dive: GMX Exploit Coverage

Cork Protocol: Liquid Staking Derivative Handling ($12M)

May 28, 2025

Cork Protocol lost about 3,761 wstETH (worth around $12 million) due to a vulnerability in how it handled liquid staking derivatives. Liquid staking derivatives like stETH, wstETH, and osETH introduce hidden state changes. The exchange rate between wstETH and ETH changes over time as staking rewards accumulate.

How it worked:

The exploit involved a mismatch between how Cork Protocol modeled wstETH’s value accrual and how it actually works. The protocol likely assumed a static 1:1 relationship that doesn’t hold. An attacker could deposit wstETH when the exchange rate is favorable, wait for it to accrue value, then withdraw more than they should be able to.

Why it matters (organizational perspective):

This highlights an organizational knowledge gap. Many development teams treat all ERC-20 tokens the same way, but liquid staking derivatives work differently. This isn’t just a code problem. It’s a knowledge management problem. Teams need processes to identify and document token-specific behaviors before integration.

Mitigation: Always use the token’s exchange rate functions (e.g., wstETH.getStETHByWstETH()). Never assume a 1:1 relationship. Account for value accrual over time in any calculations involving LSDs.

The vulnerability class: Token mechanics misunderstanding.

Deep dive: Cork Protocol Hacked for $12M, Smart Contracts Paused

Interesting Edge Cases

These hacks reveal narrower but still instructive lessons about specific vulnerability classes.

Bunni: Precision Error Accumulation ($2.4–8.3M)

September 2, 2025

Bunni, a concentrated liquidity protocol, was exploited through a precision/rounding bug in its LP accounting system. The exact loss varies by source ($2.4M initially reported, later analysis suggests up to $8.3M).

How it worked:

The attacker found a way to make repeated deposits and withdrawals that exploited rounding in their favor. Each operation extracted a tiny amount, but over many operations, those tiny amounts added up to millions.

Why it matters (testing methodology perspective):

Most test suites model single operations, not operation sequences. A test might verify that a single deposit calculates shares correctly, but it won’t catch precision errors that only appear after dozens of operations. Fuzzers that don’t model stateful sequences miss these issues.

Mitigation: Use established math libraries (e.g., PRBMath, ABDKMath). Test sequences of operations, not just single operations. Consider using higher precision internally even if external interfaces use standard precision.

The vulnerability class: Precision/rounding error in LP accounting.

Deep dive: Bunni V2 Exploit: $8.3M Drained

Garden Finance: Multi-Chain Attack Pattern ($5.5M)

October 30, 2025

Garden Finance was exploited for $5.5 million plus across multiple chains. The attacker exploited on one chain, then used cross-chain bridges to move stolen assets to other chains, swapping them through different DEXs to obscure the trail.

Why it matters (threat modeling perspective):

Multi-chain deployments create new attack surfaces. Threat models need to account for cross-chain attack vectors. Attackers might exploit your protocol on one chain, then use cross-chain infrastructure to escape or obscure their tracks.

Mitigation: Design threat models that include cross-chain attack vectors. Understand how bridges work and their security assumptions. Consider implementing cross-chain monitoring and alerting.

The vulnerability class: Multi-chain attack pattern.

Deep dive: Garden Finance Breach Coverage

Nemo Protocol: When “Safe” Languages Aren’t Enough ($2.4M)

September 8, 2025

Nemo Protocol on Sui was exploited for $2.4M. The attacker bridged stolen USDC via Circle from Arbitrum to Ethereum. The exploit happened despite Move’s safety features.

Why it matters (tooling perspective):

Move’s type system prevents certain bugs, but it doesn’t address an entire class of protocol-level vulnerabilities. If your protocol’s economic logic is flawed, if your access control is weak, if your oracle integration is vulnerable, Move’s type system doesn’t help.

The vulnerability class: Economic logic error in non-EVM ecosystem.

Deep dive: Nemo Protocol Exploit Details

The Rest: Operational Failures

Several other hacks in 2025 represent straightforward operational failures rather than novel technical vulnerabilities:

• Unleash Protocol ($3.9M, December 30): Unauthorized drain, likely compromised permissions
• ArcadiaFi ($2.5M, July 15): Allowance/approval abuse on Base chain
• NewGoldProtocol ($2M, September 18): Token exploit, funds routed through Tornado Cash
• SuperRare ($730K, July 28): NFT platform exploit
• USPD ($1M, December 5): Token approval exploit
• 402bridge ($17K, October 28): Small bridge exploit

These incidents follow well-known patterns: compromised admin keys, excessive token approvals, and access control failures. The solutions are known: use multisig for admin functions, implement proper access controls, monitor for excessive approvals.

Summary

Looking across 2025’s hacks, several patterns emerge. Economic correctness matters as much as code security. Yearn’s infinite mint and Balancer’s rounding errors show that protocols need formal verification of their economic models, not just code audits. System boundaries hide complexity. GMX’s exploit demonstrates that well-audited components can still fail when integrated. Integration testing and adversarial simulation are essential.

Precision and rounding remain dangerous. Bunni’s exploit is a reminder that fixed-point arithmetic vulnerabilities persist. Test operation sequences, not just single operations. Cross-chain creates new attack surfaces. Garden Finance and Nemo Protocol show that multi-chain deployments require security models that account for cross-chain attack vectors. Language safety doesn’t eliminate economic bugs. Nemo Protocol demonstrates that type-safe languages prevent certain bugs but don’t address economic logic errors. Legacy contracts are ongoing risks. Yearn’s December exploits show that deprecated contracts remain vulnerable, and one exploit can draw attention to legacy infrastructure. Have clear deprecation strategies and ongoing monitoring.

Like this article? Click follow to stay updated.

Audited, Tested, and Still Broken: Smart Contract Hacks of 2025 was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.