Bonzo Lend, a lending protocol on Hedera, lost a reported $9 million after an attacker exploited a flaw in oracle signature validation, draining funds through what the project has described as a zeroed oracle signature exploit.
TLDR KEYPOINTS
- Bonzo Lend reported a $9 million loss from an oracle signature exploit on Hedera.
- The root cause was a zeroed signature that bypassed oracle price verification.
- Oracle provider Supra published a separate incident report acknowledging the vulnerability.
What happened in the Bonzo Lend exploit
Bonzo Lend disclosed that an attacker manipulated oracle price feeds by submitting a zeroed signature that the protocol’s verification logic accepted as valid. The flaw allowed the attacker to supply fabricated price data, which the lending contracts treated as legitimate, according to Bonzo Lend’s incident report. For related coverage, see XRP Price Prediction 2026: 4 AIs on How High Ripple Can Go.
With manipulated price feeds in place, the attacker was able to borrow against artificially valued collateral, extracting funds from the protocol’s lending pools before the issue was detected. For related coverage, see Trump Urges Senate to Pass Crypto Clarity Act.
Supra, the oracle provider used by Bonzo Lend, published its own security incident report addressing the vulnerability in its Hedera pull oracle verifier. For related coverage, see Ripple CEO Says SEC Lawsuit Nearly Pushed Company to Shut Down.
How a zeroed oracle signature bypasses lending safeguards
What oracle signatures do
In a lending protocol, oracle signatures serve as cryptographic proof that a price feed came from an authorized data provider. Before executing borrows or liquidations, the smart contract checks that the signature attached to incoming price data matches the expected oracle key. For related coverage, see SBI Solana Partnership Eyes Japan On-Chain Market.
What “zeroed” means in this context
A zeroed signature is one where the signature bytes are set to all zeros. In a properly implemented verifier, this should fail validation instantly. The exploit worked because the verification logic in the oracle’s on-chain verifier did not reject a null or zeroed signature, effectively treating unsigned data as authenticated.
This allowed the attacker to submit arbitrary price values, making collateral appear far more valuable than it was. The lending protocol then approved oversized borrows against that inflated collateral, similar in mechanics to how financial institutions face constraints around risk controls in lending operations.
What Bonzo Lend users and the wider market will watch next
Users with funds deposited in Bonzo Lend should monitor the protocol’s official channels for updates on whether withdrawals have been paused and whether any recovery process is underway.
Supra’s acknowledgment of the verifier flaw suggests a patch to the oracle’s signature validation is either in progress or deployed. The broader Hedera DeFi ecosystem will likely scrutinize other protocols using the same oracle integration, as the vulnerability was in the oracle provider’s verifier rather than Bonzo Lend’s own code.
Key developments to watch include a full post-mortem with on-chain transaction details, any fund recovery or reimbursement plan, and whether other Hedera-based protocols using Supra oracles were similarly exposed.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.