A flaw in Solv Protocol's (SOLV) "BitcoinReserveOffering" smart contract allowed an attacker to inflate 135 BRO tokens into approximately 567 million, then swap the position for 38.05 SolvBTC worth roughly $2.7 million, the protocol confirmed.
Fewer than ten users were affected, and Solv said it would cover all losses.
The attacker has not responded to a 10% white-hat bounty offer as of publication.
The breach targeted a Bitcoin (BTC) Reserve Offering vault - a structured yield product where BTC exposure is packaged into locked, interest-bearing positions.
Solv operates what it calls the largest on-chain Bitcoin reserve, holding 24,226 BTC valued at over $1.7 billion.
DefiLlama data shows more than $508 million currently locked in SolvBTC-related products.
What Happened
Security firm Decurity's automated monitoring bot flagged the attack: the exploiter triggered the double-minting vulnerability in the "BitcoinReserveOffering" contract 22 consecutive times across separate transactions.
Pseudonymous researcher Pyro characterized the technique as re-entrancy-like - a class of exploit where repeated contract calls manipulate balance-update logic before it settles, enabling token creation beyond intended limits.
CD Security co-founder Chris Dior confirmed the mechanism independently.
Solv has not released a full technical post-mortem but said it has deployed mitigations and engaged Hypernative Labs, SlowMist, and CertiK to conduct a comprehensive audit. The SOLV token rose approximately 2% the day of disclosure, suggesting limited immediate market contagion.
Read also: Iran's New Supreme Leader Has IRGC Ties And A $7.8B Crypto War Chest
Why It Matters
The incident adds to a difficult stretch for DeFi security. The sector lost more than $3.4 billion to exploits in 2025. Through January and February 2026, a further $112.5 million was drained across 31 separate incidents.
The Solv exploit - alongside a $240,000 Curve Finance oracle manipulation disclosed the same week - suggests that smaller, targeted attacks on specific vault mechanisms have replaced the mega-hacks of prior cycles.
The double-minting flaw also exposes a persistent structural tension in Bitcoin-linked DeFi: wrapping BTC into smart contract environments introduces attack surfaces that native Bitcoin does not carry.
Solv's backers include Binance Labs, Blockchain Capital, and OKX Ventures, meaning scrutiny of its recovery and audit process extends well beyond the ten users directly affected by the breach.