Yield loses $3.7 million after extreme slippage wipes out GHO trade

Yield, a decentralized finance (DeFi) protocol, has lost $3.73 million in trade. This was a result of extreme slippage, resulting in 3.84 million GHO being exchanged for just 112,000 USDC.

According to Perkshield, the transaction involved six different tokens and leveraged two DeFi platforms, including Uniswap V4 and Bancor. Several internal ETH transfers were executed to facilitate the swap, including transfers from Uniswap pools to wrapped Ether contracts, as well as Bancor swap and converter addresses.  

Slippage and liquidity difficulties cause losses in millions

The main transaction sent 3,840,651 stkGHO from the Uniswap pool. After that, smaller amounts of both stkGHO and GHO tokens were transferred through various liquidity pools and converters.

The largest ETH transfer was 24.99 ETH, worth approximately $78,368 from a Uniswap V4 pool. Smaller transfers, from fractions of an ETH to several ETH, were also seen. These were used for private settlement between liquidity pools and swap aggregators. Several transactions of ERC-20 tokens also happened.

Small transfers of tokens, including 11,127 stkGHO, worth approximately $11,118, and 2,707 stkGHO, worth $2,705, contributed to the overall transaction, but they didn’t have much of an effect on the total loss.

The transaction was quickly approved on-chain, with over 7,200 block confirmations recorded. The gas fee translated to only $1.03, underscoring that the loss was not due to transaction costs but entirely the result of slippage and liquidity issues. 

Yield acts as a vault layer that sends money to dozens of DeFi venues with “risk-adjusted optimization.” But slippage is the oldest trick in DeFi. If controls don’t work, limitations, routing, liquidity checks, and “optimization” can all become donations.

Users whose assets are deposited in the affected vault may experience reduced balances, though the extent of individual impact has not been disclosed. The protocol’s response and any corrective measures, such as adjustments to slippage limits or trade sizing parameters, remain pending.

 DeFi slippage and manipulation incidents increase

Previous DeFi incidents include smaller slippage-related losses in protocols like Yearn Finance, which resulted in the loss of approximately 63% of the LP value. Losses totaled $1.4 million prior to any returned funds, or around 2% of the entire treasury. 

Besides slippage, these platforms are very vulnerable to attacks. Last month, YearnFinanceV1 faced a hack that resulted in losses of about $300,000. The stolen funds were swapped into 103 Ether and now sit at address 0x0F21…4066, according to Etherscan images shared by the firm. Researcher Li found that the exploit was similar to an attack carried out in 2023, leading to losses exceeding $10 million. 

At the same time, Cryptopolitan featured a $2.7 million drainage from an old contract belonging to Ribbon Finance, the rebranded version of Aevo. That attack involved repeated interactions with a proxy admin contract at address 0x9D7b…8ae6B76. The attacker invoked functions such as transferOwnership and setImplementation to manipulate price-feed proxies through delegate calls.

Hyperliquid vault also recently suffered a nearly $5 million loss in a POPCAT manipulation attack. A trader split positions across multiple wallets, pushed the market around, then let it snap back, leaving the platform’s liquidity vault to eat $4.9 million in losses when the trade unraveled.

Claim your free seat in an exclusive crypto trading community - limited to 1,000 members.