exploit
Summer.fi drained of $6M as attacker donates stale-priced Silo token into Lazy Summer vault
Summer.fi's Lazy Summer vaults lose $6.04M in an ERC-4626 donation attack. Root cause: a Silo Varlamore USDC vault token stale-priced since November's Stream Finance collapse. Vaults paused.
Summer.fi — the front-end for the Lazy Summer Protocol, a yield router that stacks positions across Aave and Morpho — paused all its vaults on July 6, 2026 after an attacker extracted $6.04M from two Ethereum vaults in a single atomic transaction. The exploit was flagged live by Blockaid and confirmed by the Summer.fi team, which said in a statement carried by CoinDesk and The Block: "We are aware of the reported exploit a little earlier today and are investigating the root cause." The mechanics are what set this one apart — it was not a bug in the vault code. It was a donation of a stale-priced asset into an accounting system that credited it at face value.
What happened
On-chain, the exploiter address 0x7BF716167B48CF527725722C6d79494b45B3BDCa opened a $65.4M flash loan on Morpho, routed liquidity through Curve DAI/USDC pools and a Balancer leg, redeposited into two Summer.fi "Ark" positions (the protocol's per-strategy accounting subcontracts), and redeemed vault shares at a distorted price. Net take: ~$5.64M from the low-risk USDC vault and ~$0.40M from the higher-risk one. Total extracted redemption: $70.9M against the $65.4M borrowed. Sample tx: 0x0db528c44f23fc7fa4544684a2fab81096450a14aae8bc89f42cd0592d43da12. Blockaid identified three affected Lazy Summer contracts: 0x98C49e13bf99D7CAd8069faa2A370933EC9EcF17, 0xA9ca4909700505585B1aD2a1579dA3b670FFA9c4, 0xE9cDA459bED6dcfb8AC61CD8cE08E2D52370cB06.
Mechanism — the donation, not the flash loan
The flash loan grabbed headlines. The load-bearing detail is the donated asset.
Summer.fi's Arks credit any tokens transferred directly into them at the asset's on-chain reported valuation. The attacker donated a specific token — the Silo Varlamore USDC Growth vault token — that had been stale-priced since November 2025. That's when Stream Finance's xUSD collapsed after an external fund manager disclosed a $93M loss, exposing an estimated $285M in interconnected debt across Euler, Silo and Morpho. Some Silo market tokens tied to that ecosystem were never marked down to reflect the impaired underlying, even as interest continued to accrue on stranded USDC. The token still reported near its original valuation while trading for a fraction of it.
That gap was the whole exploit.
The attacker donated a large position of the stale token into an Ark that was still credited in the parent vault's share-price calculation. The reported vault value inflated by roughly 9.5% with nothing real behind it. The attacker then redeemed pre-donation shares at the inflated per-share price, took ~$6M of DAI out net, repaid the flash loan, and pocketed the delta.
Preparation — three months, not three minutes
Summer.fi's post-mortem describes an operation planned at least three months in advance. Attacker wallets were funded through a common path in early April 2026 and used over subsequent weeks to accumulate the stale Silo Varlamore position across multiple addresses, obscuring the buildup. The final $65.4M flash loan was the trigger on a weapon assembled slowly — not the exploit itself.
Numbers
- Exploit date : July 6, 2026
- Total drained : ~$6.04M
- Low-risk USDC vault : ~$5.64M
- Higher-risk vault : ~$0.40M
- Flash loan (Morpho) : ~$65.4M
- Redemption reached : ~$70.9M
- Vault price inflation : ~9.5%
- Root-cause asset : Silo Varlamore USDC Growth vault token (stale since Nov 2025 Stream Finance collapse)
- Preparation window : ≥ 3 months (wallets funded early April 2026)
- Detection : Blockaid, real-time
- Response : Lazy Summer vaults paused by Summer.fi guardians
- Exploiter address : 0x7BF716167B48CF527725722C6d79494b45B3BDCa
- Sample tx : 0x0db528c44f23fc7fa4544684a2fab81096450a14aae8bc89f42cd0592d43da12
- Fund routing : DAI → ETH via Uniswap → Tornado Cash in ~10 ETH batches
Figures per Blockaid, Summer.fi's post-mortem and reporting by CoinDesk, The Block and AMBCrypto.
Fund movement
Post-exit, the ~$6M in DAI was swapped to ETH on Uniswap and forwarded to **Tornado Cash in small batches of 10 ETH per transaction**. Approximately 40 ETH ($71,800) had been laundered through the mixer at the time of the last public trace. That pace — small, consistent, deliberately non-headline-triggering — is consistent with an operator who assumes they have days, not hours, of runway before OFAC-adjacent addresses become hot.
Impact
- Depositors in Lazy Summer USDC vaults are pro-rata short the drained amount until the recovery mechanism (if any) is disclosed. The vaults are paused; withdrawals are blocked pending an accounting reconciliation.
- Silo and Morpho are not the exploited protocols here — but they hosted the underlying instruments. The Silo Varlamore market token being stale-priced eight months after Stream Finance collapsed is the specific integration debt that got monetised. Any protocol composing Silo market tokens as collateral needs to audit the same assumption.
- Blockaid takes a real-world win — the exploit was flagged in the same block as the drain, and the disclosure timeline shows the security firm publishing addresses fast enough that on-chain investigators had a handhold before the funds reached the mixer.
What to watch
- Summer.fi's remediation announcement. Whether depositors are made whole, and at what pro-rata haircut, is the near-term line item.
- Silo's mark-down of the Varlamore Growth vault token. Correcting the stale price is the mechanical prerequisite for other protocols exposed to the same asset to stop accruing the same latent liability.
- Attacker's Tornado Cash cadence. At 10 ETH per transaction, the remaining balance takes days to clear. Any acceleration — or a bridge hop to Solana / Bitcoin via cross-chain routers — is the operator changing posture.
- A bug-bounty negotiation. Some months-long-prepared operators return funds for a 10–20% keep. Summer.fi has not publicly opened that door; watch for a change of tone from the team over the next 72 hours.
Context — the season of "the code did what it was told, given bad inputs"
This is the fourth substantial 2026 DeFi loss that pivots on stale oracle data or overvalued collateral, not on a Solidity bug: the Edel Finance wGOOGLx oracle exploit in early July, the Aave rsETH bridge episode in April, the sequential unwinds around Stream Finance, and now Summer.fi. In each, the smart contracts did exactly what they were instructed to do; the input they received was wrong. The industry's exploit surface is shifting from "find a reentrancy" to "find an input the accounting will trust that reality won't." The Lazy Summer donation attack is the sharpest illustration to date — the attacker didn't beat the vault. They fed it something the vault had no reason to distrust, and let the vault convict itself.
What other outlets missed
Most write-ups frame this as a flash-loan attack. It isn't. Repeating "flash loan" as the causal event mis-identifies the failure mode — the flash loan was just capital efficiency for the extraction step. The exploitable primitive was the Ark's willingness to credit any donated token at its stale on-chain price, combined with a specific market token that Silo had left unmarked-down through the entire eight months since Stream Finance collapsed. Any vault that credits donations at reported valuation and holds any asset whose upstream protocol has left a stale price live is vulnerable to the same class of donation attack, with or without a flash loan.